GoogleOSV:GHSA-GRJP-4JMR-MJCWexpress-xss-sanitizer vulnerable to Prototype Pollution via allowedTags attribute
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P
EPSS
Percentile
45.1%
The package express-xss-sanitizer before 1.1.3 is vulnerable to Prototype Pollution via the allowedTags attribute, allowing the attacker to bypass xss sanitization.
References
github.com/AhmedAdelFahim/express-xss-sanitizer
github.com/AhmedAdelFahim/express-xss-sanitizer/commit/3bf8aaaf4dbb1c209dcb8d87a82711a54c1ab39a
github.com/AhmedAdelFahim/express-xss-sanitizer/issues/4
nvd.nist.gov/vuln/detail/CVE-2022-21169
runkit.com/embed/w306l6zfm7tu
security.snyk.io/vuln/SNYK-JS-EXPRESSXSSSANITIZER-3027443
Related
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P
EPSS
Percentile
45.1%