Description
The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via nested forbidden strings.
Remediation
References
http://www.openwall.com/lists/oss-security/2016/04/20/11
https://nodesecurity.io/advisories/41
Related Vulnerabilities
CVE-2021-41532 Vulnerability in maven package org.apache.ozone:ozone-recon
CVE-2022-31129 Vulnerability in maven package org.webjars.npm:moment
CVE-2022-36885 Vulnerability in maven package com.coravy.hudson.plugins.github:github
CVE-2020-1960 Vulnerability in maven package org.apache.flink:flink-metrics-core