[Snyk] Security upgrade sanitize-html from 1.27.5 to 2.3.2

[saurabharch]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • install/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	611/1000 Why? Recently disclosed, Has a fix available, CVSS 6.5	Validation Bypass SNYK-JS-SANITIZEHTML-1070780	Yes	No Known Exploit
	611/1000 Why? Recently disclosed, Has a fix available, CVSS 6.5	Access Restriction Bypass SNYK-JS-SANITIZEHTML-1070786	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: sanitize-html

The new version differs by 93 commits.

• fd3cb54 changelog credit
• 6012524 Merge pull request Moar unit tests NodeBB/NodeBB#460 from apostrophecms/iframe-validation-redux
• 5395e36 markdown
• bff6d9f Merge pull request Absence of 'Admin' button NodeBB/NodeBB#459 from Aspedm/main
• 1ecf30f pass eslint
• 54851d0 new and interesting iframe validation exploits
• dafee4f Update README.md
• b77e1d9 2.3.1
• bdf7836 Merge pull request Unable to edit NodeBB/NodeBB#458 from apostrophecms/stop-idna-iframe-attacks
• 477b032 Updates README to specify node version (New topic appears above pinned topic NodeBB/NodeBB#457)
• 5804fa9 changelog
• ca4b62a stop IDNA iframe attacks
• 7229906 Fleshes out changelog message
• 5d6c6e6 Updates the version number
• af6e348 Fixes a typo in the changelog
• 251e14a Merge pull request Footer should only appear on /home? NodeBB/NodeBB#429 from TrySound/upgrade-htmlparser2
• 102c623 Upgrade to v6
• f07bf65 Upgrade htmlparser2
• 6a7b0ca bumps the version number (Cannot register or login via mobile view NodeBB/NodeBB#446)
• 4be8a61 Adds acknowledgement to changelog. (Privilege thresholds NodeBB/NodeBB#445)
• d59fdac Merge pull request Favouriting when not logged in nets "undefined" alert NodeBB/NodeBB#444 from aHerbots/patch-1
• 34f00be Update CHANGELOG.md
• 5ae731e Update README.md
• 07d1523 Allow 'tel' links by default

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic