The package express-xss-sanitizer... CVE-2022-21169

- AV AC AU C I A
发布: 2022-09-26
修订: 2024-11-21

The package express-xss-sanitizer before 1.1.3 are vulnerable to Prototype Pollution via the allowedTags attribute, allowing the attacker to bypass xss sanitization.

0%

漏洞利用/PoC

暂无可用Exp或PoC

受影响的平台与产品

当前有1条受影响产品信息