Skip to content

Security: cure53/DOMPurify

SECURITY.md

Supported Versions

Always the latest release.

Reporting a Vulnerability

First of all, please immediately contact us via email so we can work on a fix. PGP key

Also, you probably qualify for a bug bounty! The fine folks over at Fastmail use DOMPurify for their services and added our library to their bug bounty scope. So, if you find a way to bypass or weaken DOMPurify, please also have a look at their website and the bug bounty info.

Learn more about advisories related to cure53/DOMPurify in the GitHub Advisory Database