.avif)
View all vulnerabilities
CVE-2022-48345
@braintree/sanitize-url Cross-site Scripting vulnerability
Description
sanitize-url (aka @braintree/sanitize-url) before 6.0.1 allows XSS via HTML entities.
Patch Available
Fix available through Seal Security. No upgrade required, protect your application instantly.
Fix without upgradingVulnerability Details
Score
6
Score Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Affected Versions
@braintree/sanitize-url < 6.0.1
Severity
Medium
Medium
Medium
Ecosystem
JavaScript
Publish Date
February 24, 2023
Modified Date
November 7, 2023