CVE-2019-25225

Published Sep 8, 2025

Last updated 5 months ago

CVSS medium 6.1

Overview

Description
`sanitize-html` prior to version 2.0.0-beta is vulnerable to Cross-site Scripting (XSS). The `sanitizeHtml()` function in `index.js` does not sanitize content when using the custom `transformTags` option, which is intended to convert attribute values into text. As a result, malicious input can be transformed into executable code.
Source
596c5446-0ce5-4ba2-aa66-48b3b757a647
NVD status
Analyzed
Products
sanitize-html

Risk scores

CVSS 3.1

Type
Secondary
Base score
6.1
Impact score
2.7
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Severity
MEDIUM

Weaknesses

596c5446-0ce5-4ba2-aa66-48b3b757a647
CWE-79

Social media

Hype score
Not currently trending

Configurations

Related CVEs

  1. 'sanitize-html' prior to version 1.0.3 is vulnerable to Cross-site Scripting (XSS). The function 'naughtyHref' doesn't properly validate the hyperreference (`href`) attribute in anchor tags (`<a>`), allowing bypasses that contain different casings, whitespace characters, or hexadecimal encodings.CVE-2014-125128
  2. Versions of the package sanitize-html before 2.12.1 are vulnerable to Information Exposure when used on the backend and with the style attribute allowed, allowing enumeration of files in the system (including project dependencies). An attacker could exploit this vulnerability to gather details about the file system structure and dependencies of the targeted server.CVE-2024-21501

References

Sources include official advisories and independent security research.