CVE-2014-125128
596c5446-0ce5-4ba2-aa66-48b3b757a647
'sanitize-html' prior to version 1.0.3 is vulnerable to Cross-site Scripting (XSS). The function 'naughtyHref' doesn't properly validate the hyperreference (`href`) attribute in anchor tags (`<a>`), allowing bypasses that contain different casings, whitesp...
7 days ago