MidnightBSD

Advisories for theguardian

CVE-2017-0928 MEDIUM

html-janitor node module suffers from an External Control of Critical State Data vulnerability via user-control of the '_sanitized' variable causing sanitization to be bypassed.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-642,CWE-642,

Products Affected

Vendor Product Version
theguardian html-janitor 2.0.2