XSS in Jitbit Htmlsanitizer

CVE-2025-29771

HtmlSanitizer is a client-side HTML Sanitizer. Versions prior to 2.0.3 have a cross-site scripting vulnerability when the sanitizer is used with a `contentEditable` element to set the elements `innerHTML` to a sanitized string produced by…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.004 (29.1th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References