5.2.1 All untrusted HTML is properly sanitized

Verify that all untrusted HTML input from WYSIWYG editors or similar is properly sanitized with an HTML sanitizer library or framework feature. (C5)

Level 1	X
Level 2	X
Level 3	X

CWE	NIST
116