2023-10-31 00:00:00
mitre
PUBLISHED
DOMPurify before 1.0.11 allows reverse tabnabbing in demos/hooks-target-blank-demo.html because links lack a rel="noopener noreferrer" attribute.