Vulnerabilities > Paypal > Braintree Sanitize URL > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-24 | CVE-2022-48345 | Cross-site Scripting vulnerability in Paypal Braintree/Sanitize-Url sanitize-url (aka @braintree/sanitize-url) before 6.0.2 allows XSS via HTML entities. | 6.1 |
| 2022-03-16 | CVE-2021-23648 | Cross-site Scripting vulnerability in multiple products The package @braintree/sanitize-url before 6.0.0 are vulnerable to Cross-site Scripting (XSS) due to improper sanitization in sanitizeUrl function. | 6.1 |