RSS   Vulnerabilities for 'Html-janitor'   RSS

2018-06-04
 
CVE-2017-0931

CWE-79
 
 
html-janitor node module suffers from a Cross-Site Scripting (XSS) vulnerability via clean() accepting user-controlled values.

 
 
CVE-2017-0928

CWE-642
 
 
html-janitor node module suffers from an External Control of Critical State Data vulnerability via user-control of the '_sanitized' variable causing sanitization to be bypassed.

 

Copyright 2024, cxsecurity.com

 

Back to Top