Security Advisory

CVE-2022-23515

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-12-14 13:23:02

Last updated 2025-11-03 21:45:54

Assigner GitHub_M

State PUBLISHED

Description

Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. Loofah >= 2.1.0, < 2.19.1 is vulnerable to cross-site scripting via the image/svg+xml media type in data URIs. This issue is patched in version 2.19.1.

← Browse all CVEs View on cve.org ↗