Paypal Braintree Sanitize-Url vulnerabilities
2 known vulnerabilities affecting paypal/braintree_sanitize-url.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2022-48345MEDIUMCVSS 6.1fixed in 6.0.22023-02-24
CVE-2022-48345 [MEDIUM] CWE-79 CVE-2022-48345: sanitize-url (aka @braintree/sanitize-url) before 6.0.2 allows XSS via HTML entities.
sanitize-url (aka @braintree/sanitize-url) before 6.0.2 allows XSS via HTML entities.
nvd
CVE-2021-23648MEDIUMCVSS 6.1fixed in 6.0.02022-03-16
CVE-2021-23648 [MEDIUM] CWE-79 CVE-2021-23648: The package @braintree/sanitize-url before 6.0.0 are vulnerable to Cross-site Scripting (XSS) due to
The package @braintree/sanitize-url before 6.0.0 are vulnerable to Cross-site Scripting (XSS) due to improper sanitization in sanitizeUrl function.
nvd