braintree/sanitize-url

Releases26

Frequency4 months 2 days

Last Release 5 months ago

Stars367

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2022-48345 ↗	Feb 24, 2023Friday, 24 February 2023, 06:15	6.1 MEDIUM	—
sanitize-url (aka @braintree/sanitize-url) before 6.0.2 allows XSS via HTML entities.
CVE-2021-23648 ↗	Mar 16, 2022Wednesday, 16 March 2022, 16:15	5.4 MEDIUM	4.3 MEDIUM
The package @braintree/sanitize-url before 6.0.0 are vulnerable to Cross-site Scripting (XSS) due to improper sanitization in sanitizeUrl function.