Skip to content

Release version 1.7.5

Compare
Choose a tag to compare
@davewichers davewichers released this 02 Feb 15:45
· 148 commits to main since this release
12a2e31

This release addresses the vulnerability documented in GHSA-2mrq-w8pv-5pvq. AntiSamy versions prior to v1.7.5 are subject to mutation XSS (mXSS) vulnerability when preserving comments. - https://www.cvedetails.com/cve/CVE-2024-23635.

In addition, a number of libraries and plugins were upgraded.

Note: The upgrade in the HTML parser may alter outputs compared to 1.7.4 and before. This may impact regression tests that involve AntiSamy if they are too strict when comparing a resulting output with the expected one.