Vulnerabilities > Express XSS Sanitizer Project

DATE CVE VULNERABILITY TITLE RISK
2022-09-26 CVE-2022-21169 Unspecified vulnerability in Express XSS Sanitizer Project Express XSS Sanitizer
The package express-xss-sanitizer before 1.1.3 are vulnerable to Prototype Pollution via the allowedTags attribute, allowing the attacker to bypass xss sanitization.
network
low complexity
express-xss-sanitizer-project
6.1