All versions of html-janitor
are vulnerable to cross-site scripting (XSS).
Arbitrary HTML can pass the sanitization process, which can be unexpected and dangerous (XSS) in case user-controlled input is passed to the clean function."
Upgrade to version 2.0.4 or later.
CPE | Name | Operator | Version |
---|---|---|---|
html-janitor | lt | 2.0.4 |