Sanitize Security Vulnerabilities and Issues — Sanitize CVE List

Lucene search

Sanitize ProjectSanitize

1 matches found

CVE•added 2023/01/28 12:15 a.m.•84 views

CVE-2023-23627

Sanitize is an allowlist-based HTML and CSS sanitizer. Versions 5.0.0 and later, prior to 6.0.1, are vulnerable to Cross-site Scripting. When Sanitize is configured with a custom allowlist that allows noscript elements, attackers are able to include arbitrary HTML, resulting in XSS (cross-site scri...

6.1CVSS6.1AI score0.00299EPSS