4 matches found
CVE-2022-21169
The package express-xss-sanitizer before 1.1.3 are vulnerable to Prototype Pollution via the allowedTags attribute, allowing the attacker to bypass xss sanitization...
CVE-2022-21169 Prototype Pollution
The package express-xss-sanitizer before 1.1.3 are vulnerable to Prototype Pollution via the allowedTags attribute, allowing the attacker to bypass xss sanitization...
CVE-2022-21169
Express-XSS-Sanitizer prior to 1.1.3 is vulnerable to Prototype Pollution via the allowedTags attribute, enabling bypass of XSS sanitization. Affected: express-xss-sanitizer pre-1.1.3. Root cause: prototype contamination affecting sanitization. Impact: potential bypass of input sanitization and r...
CVE-2022-21169 Prototype Pollution
The package express-xss-sanitizer before 1.1.3 are vulnerable to Prototype Pollution via the allowedTags attribute, allowing the attacker to bypass xss sanitization...