dompurify vulnerable to Cross-site Scripting
dompurify prior to version 2.2.3 is vulnerable to a cross-site scripting problem caused by nested headlines.
Advisories for Pypi/Dompurify package
2023
dompurify vulnerable to Cross-site Scripting
dompurify prior to version 2.2.2 is vulnerable to cross-site scripting when converting from SVG namespace.