The package sanitize-html prior to 2.7.1 are vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure global regular expression replacement logic of HTML comment removal.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apostrophecms sanitize-html |