Headline
GHSA-q8gg-vj6m-hgmj: @braintree/sanitize-url Cross-site Scripting vulnerability
sanitize-url (aka @braintree/sanitize-url) before 6.0.1 allows XSS via HTML entities.
@braintree/sanitize-url Cross-site Scripting vulnerability
Moderate severity GitHub Reviewed Published Feb 24, 2023 to the GitHub Advisory Database • Updated Feb 24, 2023
Related news
CVE-2022-48345: Fix html entity tab (#45) · braintree/sanitize-url@d4bdc89
sanitize-url (aka @braintree/sanitize-url) before 6.0.2 allows XSS via HTML entities.