Paypal

Braintree/sanitize-url

2 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2022-48345

  • EPSS 0.45%
  • Published 24.02.2023 06:15:11
  • Last modified 12.03.2025 16:15:17

sanitize-url (aka @braintree/sanitize-url) before 6.0.2 allows XSS via HTML entities.

6.1

CVE-2021-23648

Exploit
  • EPSS 0.12%
  • Published 16.03.2022 16:15:10
  • Last modified 21.11.2024 05:51:51

The package @braintree/sanitize-url before 6.0.0 are vulnerable to Cross-site Scripting (XSS) due to improper sanitization in sanitizeUrl function.