Vulnerabilities > Sanitize Project

DATE CVE VULNERABILITY TITLE RISK
2023-07-06 CVE-2023-36823 Cross-site Scripting vulnerability in multiple products
Sanitize is an allowlist-based HTML and CSS sanitizer.
network
low complexity
sanitize-project debian CWE-79
6.1
2023-01-28 CVE-2023-23627 Cross-site Scripting vulnerability in Sanitize Project Sanitize
Sanitize is an allowlist-based HTML and CSS sanitizer.
network
low complexity
sanitize-project CWE-79
6.1
2020-06-16 CVE-2020-4054 Cross-site Scripting vulnerability in Sanitize Project Sanitize
In Sanitize (RubyGem sanitize) greater than or equal to 3.0.0 and less than 5.2.1, there is a cross-site scripting vulnerability.
6.8
2018-03-30 CVE-2018-3740 Improper Input Validation vulnerability in Sanitize Project Sanitize
A specially crafted HTML fragment can cause Sanitize gem for Ruby to allow non-whitelisted attributes to be used on a whitelisted HTML element.
network
low complexity
sanitize-project CWE-20
5.0