sanitize-html allowedTags Bypass via Entity-Decoded Text Leading to Stored XSS github.com 2026-04-18查看中文 →Referenced CVEs: CVE-2026-40186 This content was auto-fetched from github.com, cleaned by our LLM pipeline, and translated to English. View original.