Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the xmp raw-text passthrough. An attacker can execute arbitrary JavaScript in the browser of another user by submitting specially crafted HTML content that is sanitized and then rendered as trusted output...

Cross-site Scripting (XSS)

Overview sanitize-html is a library that allows you to clean up user-submitted HTML, preserving whitelisted elements and whitelisted attributes on a per-element basis Affected versions of this package are vulnerable to Cross-site Scripting XSS via the xmp raw-text passthrough. An attacker can...