CVE-2019-25155 | Cure53 DOMPurify up to 1.0.10 hooks-target-blank-demo.html reverse tabnabbing (EUVD-2023-2923)
A vulnerability identified as problematic has been detected in Cure53 DOMPurify up to 1.0.10. This affects an unknown function of the file demos/hooks-target-blank-demo.html. The manipulation leads to use of web link to untrusted target with window.opener access.
This vulnerability is listed as CVE-2019-25155. The attack must be carried out from within the local network. There is no available exploit.
You should upgrade the affected component.