← Back to CVE List
CVE-2017-0928
html-janitor node module suffers from an External Control of Critical State Data vulnerability via user-control of the '_sanitized' variable causing sanitization to be bypassed.
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt