vulnerability in magic-regexp project

While working on magic-regexp project, I identified a DOM-based XSS vulnerability in the [vue-i18n package](https://staging.vulert.com/vuln-db/CVE-2025-53892) (this dependency used by magic-regexp) . This issue is tied to the escapeParameterHtml setting, which fails to fully sanitize certain tag attributes even when enabled, exposing applications to potential script injection attacks.

[CVE Link](https://staging.vulert.com/vuln-db/CVE-2025-53892)
[CVE Report](https://vulert.com/vuln-scan/list/c62feb65-5771-4141-9eb2-f2fe3025baac)


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

vulnerability in magic-regexp project #597

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

vulnerability in magic-regexp project #597

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions