Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/typo3/html-sanitizer@2.0.6
Typecomposer
Namespacetypo3
Namehtml-sanitizer
Version2.0.6
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.1.4
Latest_non_vulnerable_version2.1.4
Affected_by_vulnerabilities
0
url VCID-37ff-v99s-nkhk
vulnerability_id VCID-37ff-v99s-nkhk
summary 
Bypassing Cross-Site Scripting Protection in TYPO3 HTML Sanitizer
TYPO3 is an open source PHP based web content management system released under the GNU GPL. In affected versions DOM processing instructions are not handled correctly. This allows bypassing the cross-site scripting mechanism of typo3/html-sanitizer. This vulnerability has been addressed in versions 1.5.3 and 2.1.4. Users are advised to upgrade. There are no known workarounds for this vulnerability.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-47125
reference_id
reference_type
scores
0
value 0.00563
scoring_system epss
scoring_elements 0.68777
published_at 2026-06-06T12:55:00Z
1
value 0.00563
scoring_system epss
scoring_elements 0.68769
published_at 2026-06-05T12:55:00Z
2
value 0.00604
scoring_system epss
scoring_elements 0.69993
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-47125
1
reference_url https://github.com/TYPO3/html-sanitizer
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/html-sanitizer
2
reference_url https://github.com/TYPO3/html-sanitizer/commit/b8f90717251d968c49dc77f8c1e5912e2fbe0dff
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-29T20:25:20Z/
url https://github.com/TYPO3/html-sanitizer/commit/b8f90717251d968c49dc77f8c1e5912e2fbe0dff
3
reference_url https://typo3.org/security/advisory/typo3-core-sa-2023-007
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-29T20:25:20Z/
url https://typo3.org/security/advisory/typo3-core-sa-2023-007
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-47125
reference_id CVE-2023-47125
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-47125
5
reference_url https://github.com/advisories/GHSA-mm79-jhqm-9j54
reference_id GHSA-mm79-jhqm-9j54
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mm79-jhqm-9j54
6
reference_url https://github.com/TYPO3/html-sanitizer/security/advisories/GHSA-mm79-jhqm-9j54
reference_id GHSA-mm79-jhqm-9j54
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-29T20:25:20Z/
url https://github.com/TYPO3/html-sanitizer/security/advisories/GHSA-mm79-jhqm-9j54
fixed_packages
0
url pkg:composer/typo3/html-sanitizer@2.1.4
purl pkg:composer/typo3/html-sanitizer@2.1.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/html-sanitizer@2.1.4
aliases CVE-2023-47125, GHSA-mm79-jhqm-9j54
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-37ff-v99s-nkhk
1
url VCID-6hnx-p9hv-jbg2
vulnerability_id VCID-6hnx-p9hv-jbg2
summary 
TYPO3 HTML Sanitizer vulnerable to Cross-Site Scripting
### Problem
Due to a parsing issue in the upstream package [`masterminds/html5`](https://packagist.org/packages/masterminds/html5), malicious markup used in a sequence with special HTML CDATA sections cannot be filtered and sanitized. This allows bypassing the cross-site scripting mechanism of [`typo3/html-sanitizer`](https://packagist.org/packages/typo3/html-sanitizer).

Besides that, the upstream package `masterminds/html5` provides HTML raw text elements (`script`, `style`, `noframes`, `noembed` and `iframe`) as DOMText nodes, which were not processed and sanitized further. None of the mentioned elements were defined in the default builder configuration, that's why only custom behaviors, using one of those tag names, were vulnerable to cross-site scripting.

### Solution
Update to `typo3/html-sanitizer` versions 1.5.0 or 2.1.1 that fix the problem described.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23499
reference_id
reference_type
scores
0
value 0.00234
scoring_system epss
scoring_elements 0.46513
published_at 2026-06-05T12:55:00Z
1
value 0.00234
scoring_system epss
scoring_elements 0.46447
published_at 2026-06-04T12:55:00Z
2
value 0.00234
scoring_system epss
scoring_elements 0.46494
published_at 2026-06-07T12:55:00Z
3
value 0.00234
scoring_system epss
scoring_elements 0.46515
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23499
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2022-23499.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2022-23499.yaml
2
reference_url https://github.com/TYPO3/html-sanitizer
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/html-sanitizer
3
reference_url https://github.com/TYPO3/html-sanitizer/pull/105
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/html-sanitizer/pull/105
4
reference_url https://github.com/TYPO3/html-sanitizer/pull/106
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/html-sanitizer/pull/106
5
reference_url https://github.com/TYPO3/html-sanitizer/releases/tag/v1.5.0
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/html-sanitizer/releases/tag/v1.5.0
6
reference_url https://github.com/TYPO3/html-sanitizer/releases/tag/v2.1.1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/html-sanitizer/releases/tag/v2.1.1
7
reference_url https://github.com/TYPO3/html-sanitizer/security/advisories/GHSA-hvwx-qh2h-xcfj
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/html-sanitizer/security/advisories/GHSA-hvwx-qh2h-xcfj
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23499
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-23499
9
reference_url https://typo3.org/security/advisory/typo3-core-sa-2022-017
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2022-017
10
reference_url https://github.com/advisories/GHSA-hvwx-qh2h-xcfj
reference_id GHSA-hvwx-qh2h-xcfj
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hvwx-qh2h-xcfj
fixed_packages
0
url pkg:composer/typo3/html-sanitizer@2.1.1
purl pkg:composer/typo3/html-sanitizer@2.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-37ff-v99s-nkhk
1
vulnerability VCID-juyu-1u97-ffg8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/html-sanitizer@2.1.1
aliases CVE-2022-23499, GHSA-hvwx-qh2h-xcfj, GMS-2022-8136
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6hnx-p9hv-jbg2
2
url VCID-e4zc-fmh2-n7b8
vulnerability_id VCID-e4zc-fmh2-n7b8
summary 
TYPO3 HTML Sanitizer Bypasses Cross-Site Scripting Protection
> ### Meta
> * CVSS: `CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:F/RL:O/RC:C` (5.7)

### Problem
Due to a parsing issue in upstream package [`masterminds/html5`](https://packagist.org/packages/masterminds/html5), malicious markup used in a sequence with special HTML comments cannot be filtered and sanitized. This allows to by-pass the cross-site scripting mechanism of `typo3/html-sanitizer`.

### Solution
Update to `typo3/html-sanitizer` versions 1.0.7 or 2.0.16 that fix the problem described.

### Credits
Thanks to David Klein who reported this issue, and to TYPO3 security team member Oliver Hader who fixed the issue.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-36020
reference_id
reference_type
scores
0
value 0.00318
scoring_system epss
scoring_elements 0.55196
published_at 2026-06-05T12:55:00Z
1
value 0.00318
scoring_system epss
scoring_elements 0.55194
published_at 2026-06-07T12:55:00Z
2
value 0.00318
scoring_system epss
scoring_elements 0.55204
published_at 2026-06-06T12:55:00Z
3
value 0.00318
scoring_system epss
scoring_elements 0.55138
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-36020
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2022-36020.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2022-36020.yaml
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2022-36020.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2022-36020.yaml
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/html-sanitizer/CVE-2022-36020.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/html-sanitizer/CVE-2022-36020.yaml
4
reference_url https://github.com/TYPO3/html-sanitizer
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/html-sanitizer
5
reference_url https://github.com/TYPO3/html-sanitizer/commit/60bfdc7f9b394d0236e16ee4cea8372a7defa493
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:00:57Z/
url https://github.com/TYPO3/html-sanitizer/commit/60bfdc7f9b394d0236e16ee4cea8372a7defa493
6
reference_url https://github.com/TYPO3/html-sanitizer/security/advisories/GHSA-47m6-46mj-p235
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:00:57Z/
url https://github.com/TYPO3/html-sanitizer/security/advisories/GHSA-47m6-46mj-p235
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-36020
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-36020
8
reference_url https://packagist.org/packages/masterminds/html5
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:00:57Z/
url https://packagist.org/packages/masterminds/html5
9
reference_url https://packagist.org/packages/typo3/html-sanitizer
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:00:57Z/
url https://packagist.org/packages/typo3/html-sanitizer
10
reference_url https://typo3.org/security/advisory/typo3-core-sa-2022-011
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2022-011
11
reference_url https://github.com/advisories/GHSA-47m6-46mj-p235
reference_id GHSA-47m6-46mj-p235
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-47m6-46mj-p235
fixed_packages
0
url pkg:composer/typo3/html-sanitizer@2.0.16
purl pkg:composer/typo3/html-sanitizer@2.0.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-37ff-v99s-nkhk
1
vulnerability VCID-6hnx-p9hv-jbg2
2
vulnerability VCID-juyu-1u97-ffg8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/html-sanitizer@2.0.16
aliases CVE-2022-36020, GHSA-47m6-46mj-p235
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e4zc-fmh2-n7b8
3
url VCID-juyu-1u97-ffg8
vulnerability_id VCID-juyu-1u97-ffg8
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
TYPO3 HTML Sanitizer is an HTML sanitizer, written in PHP, aiming to provide cross-site-scripting-safe markup based on explicitly allowed tags, attributes and values. Starting in version 1.0.0 and prior to versions 1.5.1 and 2.1.2, due to an encoding issue in the serialization layer, malicious markup nested in a `noscript` element was not encoded correctly. `noscript` is disabled in the default configuration, but might have been enabled in custom scenarios. This allows bypassing the cross-site scripting mechanism of TYPO3 HTML Sanitizer. Versions 1.5.1 and 2.1.2 fix the problem.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-38500
reference_id
reference_type
scores
0
value 0.00378
scoring_system epss
scoring_elements 0.59678
published_at 2026-06-05T12:55:00Z
1
value 0.00378
scoring_system epss
scoring_elements 0.59672
published_at 2026-06-07T12:55:00Z
2
value 0.00378
scoring_system epss
scoring_elements 0.59681
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-38500
1
reference_url https://github.com/TYPO3/html-sanitizer
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/html-sanitizer
2
reference_url https://github.com/TYPO3/html-sanitizer/commit/e3026f589fef0be8c3574ee3f0a0bfbe33d7ebdb
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T16:24:38Z/
url https://github.com/TYPO3/html-sanitizer/commit/e3026f589fef0be8c3574ee3f0a0bfbe33d7ebdb
3
reference_url https://typo3.org/security/advisory/typo3-core-sa-2023-002
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T16:24:38Z/
url https://typo3.org/security/advisory/typo3-core-sa-2023-002
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-38500
reference_id CVE-2023-38500
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-38500
5
reference_url https://github.com/advisories/GHSA-59jf-3q9v-rh6g
reference_id GHSA-59jf-3q9v-rh6g
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-59jf-3q9v-rh6g
6
reference_url https://github.com/TYPO3/html-sanitizer/security/advisories/GHSA-59jf-3q9v-rh6g
reference_id GHSA-59jf-3q9v-rh6g
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T16:24:38Z/
url https://github.com/TYPO3/html-sanitizer/security/advisories/GHSA-59jf-3q9v-rh6g
fixed_packages
0
url pkg:composer/typo3/html-sanitizer@2.1.2
purl pkg:composer/typo3/html-sanitizer@2.1.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-37ff-v99s-nkhk
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/html-sanitizer@2.1.2
aliases CVE-2023-38500, GHSA-59jf-3q9v-rh6g
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-juyu-1u97-ffg8
Fixing_vulnerabilities
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/typo3/html-sanitizer@2.0.6