Lucene search
K

8 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/03/10 6:10 p.m.12 views

Security Bulletin: Hibernate Hibernate Validator could allow a remote attacker to bypass security restriction which affects watsonx.data

Summary Hibernate Hibernate Validator could allow a remote attacker to bypass security restrictions, caused by a flaw in the message interpolation processor, which may impact watsonx.data. Vulnerability Details CVEID:CVE-2020-10693 DESCRIPTION: Hibernate Hibernate Validator could allow a remote...

6.1CVSS6.2AI score0.02294EPSS
Exploits0Affected Software1
ATTACKERKB
ATTACKERKB
added 2024/11/07 10:15 a.m.2 views

CVE-2023-1932

A flaw was found in hibernate-validator's 'isValid' method in the org.hibernate.validator.internal.constraintvalidators.hv.SafeHtmlValidator class, which can be bypassed by omitting the tag ending in a less-than character. Browsers may render an invalid html, allowing HTML injection or...

6.1CVSS6.7AI score0.00452EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2024/11/07 10:15 a.m.24 views

CVE-2023-1932

A flaw was found in hibernate-validator's 'isValid' method in the org.hibernate.validator.internal.constraintvalidators.hv.SafeHtmlValidator class, which can be bypassed by omitting the tag ending in a less-than character. Browsers may render an invalid html, allowing HTML injection or...

6.1CVSS6.8AI score0.00452EPSS
Exploits0References2
CVE
CVE
added 2024/11/07 10:0 a.m.96 views

CVE-2023-1932

CVE-2023-1932 involves a vulnerability in Hibernate Validator’s SafeHtmlValidator.isValid method. The flaw can be bypassed by omitting a tag ending in a less-than character, allowing browsers to render invalid HTML and potentially enabling HTML injection or Cross-Site Scripting (XSS). The entry s...

6.1CVSS6.1AI score0.00452EPSS
Exploits0References2Affected Software4
Cvelist
Cvelist
added 2024/11/07 10:0 a.m.25 views

CVE-2023-1932 Hibernate-validator: rendering of invalid html with safehtml leads to html injection and xss

A flaw was found in hibernate-validator's 'isValid' method in the org.hibernate.validator.internal.constraintvalidators.hv.SafeHtmlValidator class, which can be bypassed by omitting the tag ending in a less-than character. Browsers may render an invalid html, allowing HTML injection or...

6.1CVSS0.00452EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2024/11/07 10:0 a.m.49 views

CVE-2023-1932

A flaw was found in hibernate-validator's 'isValid' method in the org.hibernate.validator.internal.constraintvalidators.hv.SafeHtmlValidator class, which can be bypassed by omitting the tag ending in a less-than character. Browsers may render an invalid html, allowing HTML injection or...

6.1CVSS6.4AI score0.00452EPSS
Exploits0
Circl
Circl
added 2024/02/08 1:46 p.m.7 views

CVE-2023-1932

creationtimestamp| type| source ---|---|--- 2024-02-08 13:46:20+00:00| seen| https://t.me/ctinow/181373...

6.1CVSS6.5AI score0.00452EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2024/02/07 12:0 a.m.6 views

br.com.thiaguten:umbrella-configuration (>=0.1.0 <=1.0.0), br.com.thiaguten:umbrella-core (>=0.1.0 <=1.0.0) +1272 more potentially affected by CVE-2023-1932 via org.hibernate:hibernate-validator (>=6.0.0.Beta2 <=6.1.7.Final)

org.hibernate:hibernate-validator MAVEN version =6.0.0.Beta2, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =2.3.2-beta.6, =2.3.2-beta.5, =1.0.0, =1.1.16 - cn.openjava:openjava-spring-boot-starter =1.0.1 - cn.springcloud.gray:spring-cloud-gray-server =D.0.1.0-Beta-3 -...

6.1CVSS6.7AI score0.00452EPSS
Exploits0
Rows per page
Query Builder