Lucene search

CVE-2021-26540

🗓️ 08 Feb 2021 17:13:15Reported by [email protected]Type

Apostrophe Technologies sanitize-html before 2.3.2 allows bypass of hostname whitelis

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 12
Veracode	Privilege Escalation	9 Feb 202102:21	–	veracode
RedhatCVE	CVE-2021-26540	24 Feb 202114:04	–	redhatcve
Cvelist	CVE-2021-26540	8 Feb 202116:16	–	cvelist
Prion	Design/Logic Flaw	8 Feb 202117:15	–	prion
Debian CVE	CVE-2021-26540	8 Feb 202117:15	–	debiancve
OSV	GHSA-MJXR-4V3X-Q3M4 Improper Input Validation in sanitize-html	6 May 202116:10	–	osv
OSV	CVE-2021-26540	8 Feb 202117:15	–	osv
Github Security Blog	Improper Input Validation in sanitize-html	6 May 202116:10	–	github
Node.js	Improper Input Validation	6 May 202116:14	–	nodejs
CVE	CVE-2021-26540	8 Feb 202117:15	–	cve

Nvd

Node

apostrophecms sanitize-htmlRange<2.3.2node.js

Source	Link
github	www.github.com/apostrophecms/sanitize-html/pull/460
advisory	www.advisory.checkmarx.net/advisory/CX-2021-4309
github	www.github.com/apostrophecms/sanitize-html/blob/main/CHANGELOG.md

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

08 Feb 2021 17:15Current

CVSS25

CVSS35.3

EPSS0.00288