html-janitor@1.0.1 vulnerabilities
Cleans up your markup and allows you to take control of your HTML.
-
latest version
2.0.4
-
first published
11 years ago
-
latest version published
6 years ago
-
licenses detected
- >=0.3.1
Direct Vulnerabilities
Known vulnerabilities in the html-janitor package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
html-janitor is a library that cleans up your markup and allows you to take control of your HTML. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). Passing user-controlled data to the module's clean() function can result in arbitrary JS execution, because of unsafe DOM operations. How to fix Cross-site Scripting (XSS)? There is no fixed version for |
*
|
html-janitor is a library that cleans up your markup and allows you to take control of your HTML. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). Arbitrary HTML can pass the sanitization process, which can be unexpected and dangerous (XSS) in case user-controlled input is passed to the clean function. How to fix Cross-site Scripting (XSS)? Upgrade |
<2.0.4
|