mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-09 23:27:33 +02:00
0xMarcio
822 B
822 B
CVE-2017-0931
%20-%20Generic%20(CWE-79)&color=brighgreen)
Description
html-janitor node module suffers from a Cross-Site Scripting (XSS) vulnerability via clean() accepting user-controlled values.
POC
Reference
- https://github.com/guardian/html-janitor/issues/34
- https://github.com/guardian/html-janitor/issues/34
- https://hackerone.com/reports/308155
- https://hackerone.com/reports/308155