0.001 Low
EPSS
Percentile
48.5%
Affected versions of sanitize-html do not sanitize input recursively, which may allow an attacker to execute arbitrary Javascript.
sanitize-html
Update to version 1.4.3 or later.