The package sanitize-html before... CVE-2022-25887

- AV AC AU C I A
发布: 2022-08-30
修订: 2022-09-01

The package sanitize-html before 2.7.1 are vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure global regular expression replacement logic of HTML comment removal.

0%
暂无可用Exp或PoC
当前有1条受影响产品信息