Skip to main content

Json Sanitizer

3 CVEs product

Monthly

CVE-2021-23900 Maven HIGH PATCH This Week

OWASP json-sanitizer before 1.2.2 can output invalid JSON or throw an undeclared exception for crafted input. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Json Sanitizer
NVD GitHub
CVSS 3.1
7.5
EPSS
2.1%
CVE-2021-23899 Maven CRITICAL PATCH Act Now

OWASP json-sanitizer before 1.2.2 may emit closing SCRIPT tags and CDATA section delimiters for crafted input. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This XML External Entity (XXE) vulnerability could allow attackers to read arbitrary files or perform SSRF through XML processing.

XXE Json Sanitizer
NVD GitHub
CVSS 3.1
9.8
EPSS
2.1%
CVE-2020-13973 Maven MEDIUM POC PATCH This Month

OWASP json-sanitizer before 1.2.1 allows XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Json Sanitizer
NVD GitHub
CVSS 3.1
6.1
EPSS
1.1%
EPSS 2% CVSS 7.5
HIGH PATCH This Week

OWASP json-sanitizer before 1.2.2 can output invalid JSON or throw an undeclared exception for crafted input. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Json Sanitizer
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

OWASP json-sanitizer before 1.2.2 may emit closing SCRIPT tags and CDATA section delimiters for crafted input. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This XML External Entity (XXE) vulnerability could allow attackers to read arbitrary files or perform SSRF through XML processing.

XXE Json Sanitizer
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM POC PATCH This Month

OWASP json-sanitizer before 1.2.1 allows XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Json Sanitizer
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy