0.001 Low
EPSS
Percentile
29.7%
html-janitor is vulnerable to cross-site scripting (XSS) attacks. A malicious user can inject and execute arbitrary HTML through DOM clobbering.
github.com/guardian/html-janitor/issues/35
github.com/nodejs/security-wg/pull/116
hackerone.com/reports/308158
twitter.com/_bayotop