2 matches found
CVE-2014-125128
creationtimestamp| type| source ---|---|--- 2025-09-08 13:00:57+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lydb5ohvz32d...
CVE-2014-125128
'sanitize-html' prior to version 1.0.3 is vulnerable to Cross-site Scripting XSS. The function 'naughtyHref' doesn't properly validate the hyperreference href attribute in anchor tags , allowing bypasses that contain different casings, whitespace characters, or hexadecimal encodings...