html-janitor@2.0.1 vulnerabilities

Cleans up your markup and allows you to take control of your HTML.

latest version

2.0.4
first published

10 years ago
latest version published

6 years ago
licenses detected
- Apache-2.0
  >=0.3.1
View html-janitor package health on Snyk Advisor Open this link in a new tab

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the html-janitor package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
H Cross-site Scripting (XSS) html-janitor is a library that cleans up your markup and allows you to take control of your HTML. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). Passing user-controlled data to the module's clean() function can result in arbitrary JS execution, because of unsafe DOM operations. How to fix Cross-site Scripting (XSS)? There is no fixed version for `html-janitor`.	*
H Cross-site Scripting (XSS) html-janitor is a library that cleans up your markup and allows you to take control of your HTML. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). Passing user-controlled data to the module's clean() function can result in arbitrary JS execution, because of unsafe DOM operations. How to fix Cross-site Scripting (XSS)? There is no fixed version for `html-janitor`.	*
H Cross-site Scripting (XSS) html-janitor is a library that cleans up your markup and allows you to take control of your HTML. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). Arbitrary HTML can pass the sanitization process, which can be unexpected and dangerous (XSS) in case user-controlled input is passed to the clean function. How to fix Cross-site Scripting (XSS)? Upgrade `html-janitor` to version 2.0.4 or higher.	<2.0.4
H Cross-site Scripting (XSS) html-janitor is a library that cleans up your markup and allows you to take control of your HTML. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). Arbitrary HTML can pass the sanitization process, which can be unexpected and dangerous (XSS) in case user-controlled input is passed to the clean function. How to fix Cross-site Scripting (XSS)? Upgrade `html-janitor` to version 2.0.4 or higher.	<2.0.4

Go back to all versions of this package

html-janitor@2.0.1 vulnerabilities

Cleans up your markup and allows you to take control of your HTML.

latest version

first published

latest version published

licenses detected

Direct Vulnerabilities