Vulnerabilities > Paypal > Braintree Sanitize URL > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-02-24 CVE-2022-48345 Cross-site Scripting vulnerability in Paypal Braintree/Sanitize-Url
sanitize-url (aka @braintree/sanitize-url) before 6.0.2 allows XSS via HTML entities.
network
low complexity
paypal CWE-79
6.1
2022-03-16 CVE-2021-23648 Cross-site Scripting vulnerability in multiple products
The package @braintree/sanitize-url before 6.0.0 are vulnerable to Cross-site Scripting (XSS) due to improper sanitization in sanitizeUrl function.
network
low complexity
paypal fedoraproject CWE-79
6.1