Moderate severityNVD Advisory· Published Jan 23, 2020· Updated Aug 6, 2024
CVE-2016-1000237
CVE-2016-1000237
Description
sanitize-html before 1.4.3 has XSS.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
sanitize-htmlnpm | < 1.4.3 | 1.4.3 |
Affected products
2- sanitize-html/sanitize-htmldescription
Patches
Vulnerability mechanics
References
8- github.com/advisories/GHSA-3j7m-hmh3-9jmpghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2016-1000237ghsaADVISORY
- github.com/apostrophecms/sanitize-html/commit/762fbc7bba389f3f789cc291c1eb2b64f60f2cafghsaWEB
- github.com/apostrophecms/sanitize-html/issues/29ghsaWEB
- github.com/punkave/sanitize-html/issues/29ghsaWEB
- nodesecurity.io/advisories/135mitrex_refsource_MISC
- raw.githubusercontent.com/distributedweaknessfiling/cvelist/master/2016/1000xxx/CVE-2016-1000237.jsonghsax_refsource_MISCWEB
- www.npmjs.com/advisories/135ghsaWEB
News mentions
0No linked articles in our index yet.