@lumieducation/h5p-server Fails to Sanitize Plain Text Strings
Moderate severity
GitHub Reviewed
Published
May 11, 2025
to the GitHub Advisory Database
•
Updated May 12, 2025
Description
Published by the National Vulnerability Database
May 11, 2025
Published to the GitHub Advisory Database
May 11, 2025
Reviewed
May 12, 2025
Last updated
May 12, 2025
Lumi H5P-Nodejs-library before 9.3.3 omits a sanitizeHtml call for plain text strings.
References