express-xss-sanitizer

3 known vulnerabilities · 0 critical · 1 high

Express XSS Sanitizer: allowedTags/allowedAttributes bypass leads to permissive sanitization (XSS risk)

Published Mar 27, 2026

express-xss-sanitizer vulnerable to Prototype Pollution via allowedTags attribute

Published Sep 27, 2022

express-xss-sanitizer has an unbounded recursion depth

Published Sep 26, 2025

Check your entire dependency tree at onceRun dependency scan →