sanitize-html 0.1.4

Direct Vulnerabilities

Known vulnerabilities in the sanitize-html package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
M Cross-site Scripting (XSS) sanitize-html is a library that allows you to clean up user-submitted HTML, preserving whitelisted elements and whitelisted attributes on a per-element basis Affected versions of this package are vulnerable to Cross-site Scripting (XSS) incomplete validation of URI schemes in attributes such as `action`, `formaction`, `data`, `poster`, and `background`. An attacker can execute arbitrary scripts in the context of the user’s browser by injecting a crafted `javascript:` URI into these attributes when they are allowed in the configuration. How to fix Cross-site Scripting (XSS)? Upgrade `sanitize-html` to version 2.17.5 or higher.	<2.17.5
M Improper Encoding or Escaping of Output sanitize-html is a library that allows you to clean up user-submitted HTML, preserving whitelisted elements and whitelisted attributes on a per-element basis Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output via the `linkHref` field handling. An attacker can execute arbitrary JavaScript by supplying a `javascript:` URL in an image widget's link URL field and having it rendered on the page. This affects users who can edit content and allows an attacker to run a script in viewers’ browsers, exposing session data and enabling unauthorized actions on the affected site. How to fix Improper Encoding or Escaping of Output? Upgrade `sanitize-html` to version 2.17.4 or higher.	<2.17.4
M Cross-site Scripting (XSS) sanitize-html is a library that allows you to clean up user-submitted HTML, preserving whitelisted elements and whitelisted attributes on a per-element basis Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the `xmp` raw-text passthrough. An attacker can execute arbitrary JavaScript in the browser of another user by submitting specially crafted HTML content that is sanitized and then rendered as trusted output. How to fix Cross-site Scripting (XSS)? Upgrade `sanitize-html` to version 2.17.4 or higher.	<2.17.4
M Cross-site Scripting (XSS) sanitize-html is a library that allows you to clean up user-submitted HTML, preserving whitelisted elements and whitelisted attributes on a per-element basis Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the `naughtyHref` function. An attacker can execute arbitrary scripts in the context of a user's browser by crafting anchor tags with specially formatted `href` attributes that use different casings, whitespace, or hexadecimal encodings. How to fix Cross-site Scripting (XSS)? Upgrade `sanitize-html` to version 1.0.3 or higher.	<1.0.3
M Information Exposure sanitize-html is a library that allows you to clean up user-submitted HTML, preserving whitelisted elements and whitelisted attributes on a per-element basis Affected versions of this package are vulnerable to Information Exposure when used on the backend and with the `style` attribute allowed, allowing enumeration of files in the system (including project dependencies). An attacker could exploit this vulnerability to gather details about the file system structure and dependencies of the targeted server. How to fix Information Exposure? Upgrade `sanitize-html` to version 2.12.1 or higher.	<2.12.1
M Regular Expression Denial of Service (ReDoS) sanitize-html is a library that allows you to clean up user-submitted HTML, preserving whitelisted elements and whitelisted attributes on a per-element basis Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure global regular expression replacement logic of HTML comment removal. How to fix Regular Expression Denial of Service (ReDoS)? Upgrade `sanitize-html` to version 2.7.1 or higher.	<2.7.1
M Access Restriction Bypass sanitize-html is a library that allows you to clean up user-submitted HTML, preserving whitelisted elements and whitelisted attributes on a per-element basis Affected versions of this package are vulnerable to Access Restriction Bypass. Internationalized domain name (IDN) is not properly handled. This allows attackers to bypass hostname whitelist validation set by the `allowedIframeHostnames` option. How to fix Access Restriction Bypass? Upgrade `sanitize-html` to version 2.3.1 or higher.	<2.3.1
M Validation Bypass sanitize-html is a library that allows you to clean up user-submitted HTML, preserving whitelisted elements and whitelisted attributes on a per-element basis Affected versions of this package are vulnerable to Validation Bypass. There is no proper validation of the hostnames set by the `allowedIframeHostnames` option when the `allowIframeRelativeUrls` is set to `true`. This allows attackers to bypass the hostname whitelist for the iframe element. How to fix Validation Bypass? Upgrade `sanitize-html` to version 2.3.2 or higher.	<2.3.2
M Cross-site Scripting (XSS) sanitize-html is a library that allows you to clean up user-submitted HTML, preserving whitelisted elements and whitelisted attributes on a per-element basis Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the `sanitizeHtml` function when the custom `transformTags` option is used. An attacker can inject and execute malicious code by providing crafted input that is not properly sanitized. How to fix Cross-site Scripting (XSS)? Upgrade `sanitize-html` to version 2.0.0 or higher.	<2.0.0
M Cross-site Scripting (XSS) `sanitize-html` is a library for scrubbing html input of malicious values. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to unescaped double quotes. Entering the following: `<IMG SRC= onmouseover="alert('XSS');">` produces the following: `<img src="onmouseover="alert('XSS');"" />` How to fix Cross-site Scripting (XSS)? Upgrade `sanitize-html` to version 1.2.3 or higher.	<1.2.3
M Cross-site Scripting (XSS) `sanitize-html` is a library for scrubbing html input of malicious values. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) attacks. If at least one `nonTextTags` tag is allowed, a malicious user may potentially conduct an XSS attack. PoC: var sanitizeHtml = require('sanitize-html'); var dirty = '!<textarea></textarea><svg/onload=prompt`xs`></textarea>!'; var clean = sanitizeHtml(dirty, { allowedTags: [ 'textarea' ] }); console.log(clean); // !<textarea></textarea><svg/onload=prompt`xs`></textarea>! How to fix Cross-site Scripting (XSS)? Upgrade `sanitize-html` to version 1.11.4 or later.	<1.11.4
M Cross-site Scripting (XSS) Sanitization of HTML strings is not applied recursively to input, allowing an attacker to potentially inject script and other markup. Source: Node Security Project How to fix Cross-site Scripting (XSS)? Upgrade `sanitize-html` to `1.4.3` or later	<=1.4.2
M Cross-site Scripting (XSS) Since the sanitize-html module trusts 'text' coming from htmlparser2, and outputs it without further escaping (because htmlparser2 does not decode entities in text before delivering it), this results in an XSS attack vector if sanitize-html ignores the img tag (according to user-configured filter rules) but passes the text intact, as it must do to keep any text in documents.	<1.4.3

Vulnerability

Vulnerable Version

Cross-site Scripting (XSS)