CVE-2014-125128 | sanitize-html up to 1.0.2 Anchor Tag naughtyHref cross site scripting

Inserito da Angelo Barbosa | Set 8, 2025 | CVE

A vulnerability described as problematic has been identified in sanitize-html up to 1.0.2. This vulnerability affects the function naughtyHref of the component Anchor Tag Handler. Executing manipulation can lead to cross site scripting.

This vulnerability is tracked as CVE-2014-125128. The attack can be launched remotely. No exploit exists.

Upgrading the affected component is recommended.

CVE-2014-125128 | sanitize-html up to 1.0.2 Anchor Tag naughtyHref cross site scripting

Post correlati

CVE-2023-28149 | Insyde InsydeH2O IhisiServiceSmm Module Privilege Escalation

CVE-2025-0734 | y_project RuoYi up to 4.8.0 Whitelist getBeanName deserialization

CVE-2024-56224 | Ledenbeheer Plugin up to 2.1.0 on WordPress cross site scripting

CVE-2024-39440 | Unisoc T606/T612/T616/T610/T618/T760/T770/T820/S8000 DRM Service null pointer dereference