CVE-2021-23974

The DOMParser API did not properly process '<noscript>' elements for escaping. This could be used as an mXSS vector to bypass an HTML Sanitizer. This vulnerability affects Firefox < 86. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt