Description
Affected versions of sanitize-html are vulnerable to cross-site scripting.
Recommendation
Update the sanitize-html package to the latest compatible version. Followings are version details:
- Affected version(s): < 1.2.3
- Patched version(s): 1.2.3
References
Related Issues
- Potential XSS vulnerability in jQuery - CVE-2020-11023
- Prototype Pollution in jquery-deparam - CVE-2021-20087
- webfinger.js Blind SSRF Vulnerability - CVE-2025-54590
- files.photo.gallery command injection - CVE-2024-53615
- Tags:
- npm
- sanitize-html
Anything's wrong? Let us know Last updated on September 08, 2023