CVE-2017-16017

UNRATEDJSON export Create alert

Description

sanitize-html is a library for scrubbing html input for malicious values Versions 1.2.2 and below have a cross site scripting vulnerability.

Affected products

HackerOne / sanitize-html node module<=1.2.2 – <=1.2.2

References

PATCHhttps://github.com/punkave/sanitize-html/pull/20
VENDOR_ADVISORYhttps://nodesecurity.io/advisories/155
MISChttps://github.com/punkave/sanitize-html/issues/19