CVE-2022-23638
on github
Published
Severity
CVSS v3:
6.1 MEDIUM
CVSS v2:
4.3 MEDIUM
Description
svg-sanitizer is a SVG/XML sanitizer written in PHP. A cross-site scripting vulnerability impacts all users of the `svg-sanitizer` library prior to version 0.15.0. This issue is fixed in version 0.15.0. There is currently no workaround available.
References
Configurations
CPE23 | Version Start | Version End | Exact Version |
---|---|---|---|
cpe:2.3:a:svg-sanitizer_project:svg-sanitizer:*:*:*:*:*:*:*:* | n/a | 0.15.0 | * |