Package details: pkg:npm/%40braintree/sanitize-url@6.0.0
purl pkg:npm/%40braintree/sanitize-url@6.0.0
Next non-vulnerable version 6.0.2
Latest non-vulnerable version 6.0.2
Risk 3.1
Vulnerabilities affecting this package (1)
Vulnerability: VCID-dc7t-x6q7-uud3
Aliases: CVE-2022-48345, GHSA-q8gg-vj6m-hgmj
Summary: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'). sanitize-url (aka @braintree/sanitize-url) before 6.0.2 allows XSS via HTML entities.
Fixed by:
6.0.1 (Affected by 1 other vulnerability.)
6.0.2 (Affected by 0 other vulnerabilities.)
Vulnerabilities fixed by this package (1)
Vulnerability: VCID-x4cs-g2jz-eqb5
Summary: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'). The package @braintree/sanitize-url before 6.0.0 is vulnerable to Cross-site Scripting (XSS) due to improper sanitization in sanitizeUrl function.
Aliases: CVE-2021-23648, GHSA-hqq7-2q2v-82xq

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T22:22:48.472355+00:00 GitLab Importer Affected by VCID-dc7t-x6q7-uud3 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/@braintree/sanitize-url/CVE-2022-48345.yml 38.4.0
2026-04-16T21:42:57.931717+00:00 GitLab Importer Fixing VCID-x4cs-g2jz-eqb5 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/@braintree/sanitize-url/CVE-2021-23648.yml 38.4.0
2026-04-11T23:40:57.559531+00:00 GitLab Importer Affected by VCID-dc7t-x6q7-uud3 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/@braintree/sanitize-url/CVE-2022-48345.yml 38.3.0
2026-04-11T22:58:30.404157+00:00 GitLab Importer Fixing VCID-x4cs-g2jz-eqb5 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/@braintree/sanitize-url/CVE-2021-23648.yml 38.3.0
2026-04-02T23:44:58.670570+00:00 GitLab Importer Affected by VCID-dc7t-x6q7-uud3 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/@braintree/sanitize-url/CVE-2022-48345.yml 38.1.0
2026-04-02T23:07:18.310697+00:00 GitLab Importer Fixing VCID-x4cs-g2jz-eqb5 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/@braintree/sanitize-url/CVE-2021-23648.yml 38.1.0
2026-04-01T18:08:01.809438+00:00 GitLab Importer Affected by VCID-dc7t-x6q7-uud3 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/@braintree/sanitize-url/CVE-2022-48345.yml 38.0.0
2026-04-01T16:00:07.415117+00:00 GHSA Importer Fixing VCID-x4cs-g2jz-eqb5 https://github.com/advisories/GHSA-hqq7-2q2v-82xq 38.0.0
2026-04-01T13:06:59.619056+00:00 GithubOSV Importer Fixing VCID-x4cs-g2jz-eqb5 https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/03/GHSA-hqq7-2q2v-82xq/GHSA-hqq7-2q2v-82xq.json 38.0.0
2026-04-01T12:49:42.587007+00:00 GitLab Importer Fixing VCID-x4cs-g2jz-eqb5 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/@braintree/sanitize-url/CVE-2021-23648.yml 38.0.0