Lucene search
HackeroneCVELIST:CVE-2017-0928HistoryApr 26, 2018 - 12:00 a.m.
CVE-2017-0928
2018-04-2600:00:00
CWE-642
hackerone
www.cve.org
0.001 Low
EPSS
Percentile
29.7%
html-janitor node module suffers from an External Control of Critical State Data vulnerability via user-control of the ‘_sanitized’ variable causing sanitization to be bypassed.
CNA Affected
[
{
"product": "html-janitor node module",
"vendor": "HackerOne",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
]Related
cve
cve
CVE-2017-0928
2018-06-04 19:29:00
prion
prion
Hardcoded credentials
2018-06-04 19:29:00
osv
osv
Bypassing Sanitization using DOM clobbering in html-janitor
2018-07-24 20:06:17
CVE-2017-0928
2018-06-04 19:29:00
github
github
Bypassing Sanitization using DOM clobbering in html-janitor
2018-07-24 20:06:17
hackerone
hackerone
nvd
nvd
CVE-2017-0928
2018-06-04 19:29:00
veracode
veracode
Cross-site Scripting (XSS)
2018-02-07 02:15:15
nodejs
nodejs
Bypassing Sanitization using DOM clobbering
2018-04-20 21:37:50