Security Advisory

CVE-2024-53382

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-03-03 00:00:00

Last updated 2025-03-03 21:53:33

Assigner mitre

State PUBLISHED

Description

Prism (aka PrismJS) through 1.29.0 allows DOM Clobbering (with resultant XSS for untrusted input that contains HTML but does not directly contain JavaScript), because document.currentScript lookup can be shadowed by attacker-injected HTML elements.

← Browse all CVEs View on cve.org ↗