Lucene search
GoogleOSV:GHSA-FX46-WHRJ-73V5HistoryJul 24, 2018 - 8:06 p.m.
Bypassing Sanitization using DOM clobbering in html-janitor
2018-07-2420:06:17
Google
osv.dev
105
0.001 Low
EPSS
Percentile
29.7%
All versions of html-janitor are vulnerable to cross-site scripting (XSS).
Arbitrary HTML can pass the sanitization process, which can be unexpected and dangerous (XSS) in case user-controlled input is passed to the clean function."
Recommendation
Upgrade to version 2.0.4 or later.
Related
cve
cve
CVE-2017-0928
2018-06-04 19:29:00
prion
prion
Hardcoded credentials
2018-06-04 19:29:00
github
github
Bypassing Sanitization using DOM clobbering in html-janitor
2018-07-24 20:06:17
osv
osv
CVE-2017-0928
2018-06-04 19:29:00
hackerone
hackerone
veracode
veracode
Cross-site Scripting (XSS)
2018-02-07 02:15:15
nvd
nvd
CVE-2017-0928
2018-06-04 19:29:00
nodejs
nodejs
Bypassing Sanitization using DOM clobbering
2018-04-20 21:37:50
cvelist
cvelist
CVE-2017-0928
2018-04-26 00:00:00