It was discovered that DOMPurify, a sanitizer for HTML, MathML and SVG was
susceptible to nesting-based mXSS.

https://security-tracker.debian.org/tracker/DSA-5790-1

Read More