3 matches found
CVE-2021-32696
The npm package "striptags" is an implementation of PHP's striptags in Typescript. In striptags before version 3.2.0, a type-confusion vulnerability can cause striptags to concatenate unsanitized strings when an array-like object is passed in as the html parameter. This can be abused by an attack...
CVE-2021-32696
The npm package "striptags" is an implementation of PHP's striptags in Typescript. In striptags before version 3.2.0, a type-confusion vulnerability can cause striptags to concatenate unsanitized strings when an array-like object is passed in as the html parameter. This can be abused by an attack...
@3eyes/3commerce (>=0.0.2 <=0.0.25), @acwars/hexo-reference (=1.0.0) +1062 more potentially affected by CVE-2021-32696 via striptags (>=1.0.0 <=3.1.1)
striptags NPM version =1.0.0, =0.0.2, =0.0.1, =0.16.9, =0.2.21, =0.3.18-beta.0, =0.1.0, =0.1.1, =1.0.0, =0.0.1, =1.1.73-beta.3, =1.3.19 and more Source cves: CVE-2021-32696 Source advisory: OSV:GHSA-QXG5-2QFF-P49R...