CVE-2017-0928

Publication date

2018-06-04 19:00:00

Family

hackerone

State

PUBLISHED

Description

html-janitor node module suffers from an External Control of Critical State Data vulnerability via user-control of the _sanitized variable causing sanitization to be bypassed.