Impact
XSS vulnerability when the sanitizer is used with a contentEditable element to set the element's innerHTML to a sanitized string produced by the package. The issue arises if the input is specifically crafted to abuse the code beautifier, which runs AFTER sanitization.
Patches
Patched in version 2.0.3
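The ordering problem described under Impact, as an added example that is not the package's own code: `sanitize`, `beautify`, the allowlist and the sample string are constructed stand-ins, and the entity-decoding flaw in the toy beautifier is an assumption chosen for illustration, not the package's actual bug. It shows why any transformation that runs after the sanitizer can undo its guarantees, and a regression check that catches it.

```javascript
// Constructed toy functions standing in for a sanitizer and a beautifier.
const ALLOWED = new Set(["b", "i", "p", "br"]);

// Toy sanitizer: drops every tag not on the allowlist and strips attributes.
function sanitize(html) {
  return html.replace(/<\/?([a-zA-Z][a-zA-Z0-9]*)\b[^>]*>/g, (tag, name) => {
    if (!ALLOWED.has(name.toLowerCase())) return "";
    return tag.startsWith("</") ? `</${name}>` : `<${name}>`;
  });
}

// Toy beautifier with a constructed flaw: while tidying whitespace it also
// decodes entities, which turns inert text back into markup.
function beautify(html) {
  return html
    .replace(/&lt;/g, "<")
    .replace(/&gt;/g, ">")
    .replace(/>\s*</g, ">\n<")
    .trim();
}

// Order described in the advisory: the beautifier runs AFTER sanitization.
function beautifyAfterSanitize(input) {
  return beautify(sanitize(input));
}

// Corrected order: the sanitizer is the last step before innerHTML is set.
function sanitizeLast(input) {
  return sanitize(beautify(input));
}

// Regression check: the final string must be a fixed point of the sanitizer.
function isStableUnderSanitize(output) {
  return sanitize(output) === output;
}

// Constructed input: a disallowed tag written as entities.
const sample = "<p>hi</p> &lt;marquee&gt;x&lt;/marquee&gt;";

console.log(isStableUnderSanitize(beautifyAfterSanitize(sample))); // false
console.log(isStableUnderSanitize(sanitizeLast(sample)));          // true
```

Running the fixed-point check in a test suite over a corpus of inputs flags any later pipeline stage that reintroduces markup the sanitizer would have removed.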