CVE-2017-0928
CVE-2017-0928 affects the html-janitor node module. The root cause is external control of the _sanitized variable, allowing sanitization bypass and enabling cross-site scripting (XSS). All versions are reported vulnerable (per multiple advisories), with remediation/mitigation guidance to upgrade ...