CVE-2025-48050 – Apache DOMPurify Directory Traversal

CVE ID : CVE-2025-48050

Published : May 15, 2025, 4:15 p.m. | 43 minutes ago

Description : In DOMPurify through 3.2.5 before 6bc6d60, scripts/server.js does not ensure that a pathname is located under the current working directory.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…