What the vulnerability does

01Description

html-janitor node module suffers from a Cross-Site Scripting (XSS) vulnerability via clean() accepting user-controlled values.

Key dates

02Disclosure timeline

June 4, 2018 CVE published
September 17, 2024 Record updated