Lucene search
Sanitize-Svg Project Security Vulnerabilities
cve
The sanitize-svg package, a small SVG sanitizer to prevent cross-site scripting attacks, uses a deny-list-pattern to sanitize SVGs to prevent XSS. In doing so, literal <script>-tags and on-event handlers were detected in versions prior to 0.4.0. As a result, downstream software that relies on...
7.6CVSS
5.7AI Score
0.001EPSS
2023-01-04 03:15 PM
25