Description
The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via nested forbidden strings.
Remediation
References
http://www.openwall.com/lists/oss-security/2016/04/20/11
https://nodesecurity.io/advisories/41
Related Vulnerabilities
CVE-2021-32661 Vulnerability in npm package plugin-techdocs
CVE-2020-5251 Vulnerability in npm package parse-server
CVE-2019-10798 Vulnerability in npm package rdf-graph-array
CVE-2020-2184 Vulnerability in maven package org.jenkins-ci.plugins:cvs
CVE-2019-10358 Vulnerability in maven package org.jenkins-ci.main:maven-plugin