Vulnerabilities/

Cross-Site Scripting in sanitize-html (GHSA-3j7m-hmh3-9jmp)

Severity:
Medium

Description

Affected versions of sanitize-html do not sanitize input recursively, which may allow an attacker to execute arbitrary Javascript.

Recommendation

Update the sanitize-html package to the latest compatible version. Followings are version details:

References

Related Issues

Tags:
npm
sanitize-html
Anything's wrong? Let us know Last updated on January 09, 2023

This issue is available in SmartScanner Professional

See Pricing