2 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-25225
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sanitize-html prior to version 2.0.0-beta is vulnerable to Cross-site Scripting XSS. The sanitizeHtml function in index.js does not sanitize content when using...
UBUNTU-CVE-2019-25225
sanitize-html prior to version 2.0.0-beta is vulnerable to Cross-site Scripting XSS. The sanitizeHtml function in index.js does not sanitize content when using the custom transformTags option, which is intended to convert attribute values into text. As a result, malicious input can be transformed...