Vulnerabilities > Express XSS Sanitizer Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-09-26 | CVE-2022-21169 | Unspecified vulnerability in Express XSS Sanitizer Project Express XSS Sanitizer The package express-xss-sanitizer before 1.1.3 are vulnerable to Prototype Pollution via the allowedTags attribute, allowing the attacker to bypass xss sanitization. | 6.1 |