CVE-2023-22461
The sanitize-svg package, a small SVG sanitizer intended to prevent cross-site scripting (XSS) attacks, uses a deny-list pattern to sanitize SVGs. In doing so, literal <script> tags and on-event handlers were detected in versions prior to 0.4.0. As a result, downstream software that relies on sani...