fix(security): patch DOM-based XSS in bundled Featherlight (CVE-2024-5667)#80

Open

cpalexh wants to merge 3 commits into

cipherdevgroup:developfrom

cpalexh:fix/cve-2024-5667-featherlight-xss

Commits on Jun 11, 2026

fix(security): patch DOM-based XSS in bundled Featherlight (CVE-2024-5667)

cpalexh
and
claude
committed
fix(security): sanitize lightbox captions to close second DOM-XSS sink

cpalexh
and
claude
committed
build: revert vendor/featherlight sources, keep fix in shipped bundles

cpalexh
and
claude
committed