Htmlsanitizer Cross-site Scripting

Why it can be dangerous and how to fix it

This article is a part of our Vulnerability Database (back to index)

Cross-site Scripting occurrences in Htmlsanitizer

HtmlSanitizer is a .NET library for cleaning HTML fragments and documents from constructs that can lead to XSS attacks. In HtmlSanitizer before version 5.0.372, there is a possible XSS bypass if style tag is allowed. If you have explicitly allowed the `