CVE-2017-16017

Summary

sanitize-html is a library for scrubbing html input for malicious values Versions 1.2.2 and below have a cross site scripting vulnerability.

Affected Software

VendorProductVersion RangeStatus
HackerOnesanitize-html node module<=1.2.2affected

Weaknesses

  • CWE-79: Cross-site Scripting (XSS) - Generic (CWE-79)

ADP Enrichment

CVE Program Container

Additional References

References