Vulnerabilities

CVE-2022-21169

by Fred · 26/09/2022

The package express-xss-sanitizer before 1.1.3 are vulnerable to Prototype Pollution via the allowedTags attribute, allowing the attacker to bypass xss sanitization.

Date published : 2022-09-26

https://github.com/AhmedAdelFahim/express-xss-sanitizer/commit/3bf8aaaf4dbb1c209dcb8d87a82711a54c1ab39a

https://github.com/AhmedAdelFahim/express-xss-sanitizer/issues/4

Similar

Tags: Cybersecurity Alert

CVE-2022-21169

Similar

Recent Posts

Categories

CVE-2022-21169

Share this:

Similar

Recent Posts

Categories

Tags