
7 matches found

Tenable Nessus
added 2025/03/05 12:0 a.m., 7 views

Linux Distros Unpatched Vulnerability : CVE-2023-23627

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sanitize is an allowlist-based HTML and CSS sanitizer. Versions 5.0.0 and later, prior to 6.0.1, are vulnerable to Cross-site Scripting. When Sanitize is...

CVSS 6.1 | AI score 6.2 | EPSS 0.00439
Exploits: 0 | References: 2

Ubuntu
added 2024/04/24 5:23 a.m., 39 views

USN-6748-1: Sanitize vulnerabilities

It was discovered that Sanitize incorrectly handled noscript elements under certain circumstances. An attacker could possibly use this issue to execute a cross-site scripting (XSS) attack. This issue only affected Ubuntu 22.04 LTS. CVE-2023-23627 It was discovered that Sanitize incorrectly handled...

CVSS 7.1 | AI score 6.3 | EPSS 0.00439
Exploits: 0

Tenable Nessus
added 2024/04/24 12:0 a.m., 26 views

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : Sanitize vulnerabilities (USN-6748-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6748-1 advisory. It was discovered that Sanitize incorrectly handled noscript elements under certain circumstances. An attacker could possibly use thi...

CVSS 7.1 | AI score 6.4 | EPSS 0.00439
Exploits: 0 | References: 3

Circl
added 2023/01/28 8:15 p.m., 2 views

CVE-2023-23627

creationtimestamp | type | source
---|---|---
2023-01-28 20:15:34+00:00 | seen | https://t.me/cibsecurity/57118...

CVSS 6.1 | AI score 6 | EPSS 0.00439
Exploits: 0 | References: 1

NVD
added 2023/01/28 12:15 a.m., 15 views

CVE-2023-23627

Sanitize is an allowlist-based HTML and CSS sanitizer. Versions 5.0.0 and later, prior to 6.0.1, are vulnerable to Cross-site Scripting. When Sanitize is configured with a custom allowlist that allows noscript elements, attackers are able to include arbitrary HTML, resulting in XSS cross-site...

CVSS 6.1 | AI score 6.2 | EPSS 0.00439
Exploits: 0 | References: 1

CVE
added 2023/01/27 11:44 p.m., 96 views

CVE-2023-23627

CVE-2023-23627 affects the Sanitize HTML/CSS sanitizer. Vulnerable when using a custom element allowlist that includes noscript, impacting Sanitize versions 5.0.0 up to but not including 6.0.1. In such configurations, arbitrary HTML could be introduced and rendered in browsers, enabling cross-sit...

CVSS 6.1 | AI score 6.1 | EPSS 0.00439
Exploits: 0 | References: 1 | Affected Software: 1

Vulnrichment
added 2023/01/27 11:44 p.m., 7 views

CVE-2023-23627 Sanitize vulnerable to Cross-site Scripting via Improper neutralization of `noscript` element

Sanitize is an allowlist-based HTML and CSS sanitizer. Versions 5.0.0 and later, prior to 6.0.1, are vulnerable to Cross-site Scripting. When Sanitize is configured with a custom allowlist that allows noscript elements, attackers are able to include arbitrary HTML, resulting in XSS cross-site...

CVSS 6.1 | AI score 6.3 | EPSS 0.00439
Exploits: 0 | References: 1