Skip to main content

Antisamy

8 CVEs product

Monthly

CVE-2024-23635 Maven MEDIUM PATCH This Month

AntiSamy is a library for performing fast, configurable cleansing of HTML coming from untrusted sources. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Antisamy
NVD GitHub
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-43643 Maven MEDIUM POC PATCH This Month

AntiSamy is a library for performing fast, configurable cleansing of HTML coming from untrusted sources. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Antisamy
NVD GitHub
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-29577 Maven MEDIUM PATCH This Month

OWASP AntiSamy before 1.6.7 allows XSS via HTML tag smuggling on STYLE content with crafted input. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Antisamy Enterprise Manager Base Platform Weblogic Server
NVD GitHub
CVSS 3.1
6.1
EPSS
1.3%
CVE-2022-28367 Maven MEDIUM PATCH This Month

OWASP AntiSamy before 1.6.6 allows XSS via HTML tag smuggling on STYLE content with crafted input. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Antisamy
NVD GitHub
CVSS 3.1
6.1
EPSS
1.0%
CVE-2022-28366 Maven HIGH PATCH This Week

Certain Neko-related HTML parsers allow a denial of service via crafted Processing Instruction (PI) input that causes excessive heap memory consumption. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cyberneko Html Htmlunit Antisamy
NVD GitHub
CVSS 3.1
7.5
EPSS
2.1%
CVE-2021-35043 Maven MEDIUM PATCH This Month

OWASP AntiSamy before 1.6.4 allows XSS via HTML attributes when using the HTML output serializer (XHTML is not affected). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Antisamy Retail Back Office Retail Central Office Retail Returns Management +7
NVD GitHub
CVSS 3.1
6.1
EPSS
1.5%
CVE-2017-14735 Maven MEDIUM PATCH This Month

OWASP AntiSamy before 1.5.7 allows XSS via HTML5 entities, as demonstrated by use of : to construct a javascript: URL. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Antisamy
NVD GitHub
CVSS 3.0
6.1
EPSS
0.7%
CVE-2016-10006 Maven MEDIUM PATCH This Month

In OWASP AntiSamy before 1.5.5, by submitting a specially crafted input (a tag that supports style with active content), you could bypass the library protections and supply executable code. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Antisamy
NVD GitHub
CVSS 3.1
6.1
EPSS
0.5%
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

AntiSamy is a library for performing fast, configurable cleansing of HTML coming from untrusted sources. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Antisamy
NVD GitHub
EPSS 0% CVSS 6.1
MEDIUM POC PATCH This Month

AntiSamy is a library for performing fast, configurable cleansing of HTML coming from untrusted sources. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Antisamy
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

OWASP AntiSamy before 1.6.7 allows XSS via HTML tag smuggling on STYLE content with crafted input. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Antisamy Enterprise Manager Base Platform +1
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

OWASP AntiSamy before 1.6.6 allows XSS via HTML tag smuggling on STYLE content with crafted input. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Antisamy
NVD GitHub
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Certain Neko-related HTML parsers allow a denial of service via crafted Processing Instruction (PI) input that causes excessive heap memory consumption. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cyberneko Html Htmlunit +1
NVD GitHub
EPSS 2% CVSS 6.1
MEDIUM PATCH This Month

OWASP AntiSamy before 1.6.4 allows XSS via HTML attributes when using the HTML output serializer (XHTML is not affected). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Antisamy Retail Back Office +9
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

OWASP AntiSamy before 1.5.7 allows XSS via HTML5 entities, as demonstrated by use of : to construct a javascript: URL. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Antisamy
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

In OWASP AntiSamy before 1.5.5, by submitting a specially crafted input (a tag that supports style with active content), you could bypass the library protections and supply executable code. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Antisamy
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy