CVE-2022-23638

Published February 14th, 2022

View on NVD ↗

CVSS v3

6.2

MEDIUM

CVSS v2

4.3

MEDIUM

Affected

PROJECT

Description

svg-sanitizer is a SVG/XML sanitizer written in PHP. A cross-site scripting vulnerability impacts all users of the `svg-sanitizer` library prior to version 0.15.0. This issue is fixed in version 0.15.0. There is currently no workaround available.

darylldoyle/svg-sanitizer

A PHP SVG/XML Sanitizer

GitHub

543