Security Advisory

CVE-2025-59364

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-09-14 00:00:00
Last updated 2025-09-15 15:57:53
Assigner mitre
State PUBLISHED

Description

The express-xss-sanitizer (aka Express XSS Sanitizer) package through 2.0.0 for Node.js has an unbounded recursion depth in sanitize in lib/sanitize.js for a JSON request body.