10 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-29577
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OWASP AntiSamy before 1.6.7 allows XSS via HTML tag smuggling on STYLE content with crafted input. The output serializer does not properly encode the supposed...
CVE-2022-28367
OWASP AntiSamy before 1.6.6 allows XSS via HTML tag smuggling on STYLE content with crafted input. The output serializer does not properly encode the supposed Cascading Style Sheets (CSS) content...
Linux Distros Unpatched Vulnerability : CVE-2022-28367
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OWASP AntiSamy before 1.6.6 allows XSS via HTML tag smuggling on STYLE content with crafted input. The output serializer does not properly encode the supposed...
Security Bulletin: There are several vulnerabilities in AntiSamy used by IBM Maximo Asset Management (CVE-2022-28367, CVE-2022-29577)
Summary: There are several vulnerabilities in AntiSamy used by IBM Maximo Asset Management. Vulnerability Details: CVEID: CVE-2022-28367 DESCRIPTION: AntiSamy is vulnerable to cross-site scripting, caused by improper validation of user-supplied input for Cascading Style Sheets (CSS) content. A remote...
GHSA-VP37-2F9P-3VR3 Cross-site Scripting in OWASP AntiSamy
AntiSamy is a library for performing fast, configurable cleansing of HTML coming from untrusted sources. OWASP AntiSamy before 1.6.7 allows XSS via HTML tag smuggling on STYLE content with crafted input. The output serializer does not properly encode the supposed Cascading Style Sheets (CSS) conten...
Cross-site Scripting in OWASP AntiSamy
AntiSamy is a library for performing fast, configurable cleansing of HTML coming from untrusted sources. OWASP AntiSamy before 1.6.7 allows XSS via HTML tag smuggling on STYLE content with crafted input. The output serializer does not properly encode the supposed Cascading Style Sheets (CSS) conten...
CVE-2022-28367
OWASP AntiSamy before 1.6.6 allows XSS via HTML tag smuggling on STYLE content with crafted input. The output serializer does not properly encode the supposed Cascading Style Sheets (CSS) content...
Design/Logic Flaw
OWASP AntiSamy before 1.6.7 allows XSS via HTML tag smuggling on STYLE content with crafted input. The output serializer does not properly encode the supposed Cascading Style Sheets (CSS) content. NOTE: this issue exists because of an incomplete fix for CVE-2022-28367...
CVE-2022-29577
OWASP AntiSamy before 1.6.7 allows XSS via HTML tag smuggling on STYLE content with crafted input. The output serializer does not properly encode the supposed Cascading Style Sheets (CSS) content. NOTE: this issue exists because of an incomplete fix for CVE-2022-28367...
CVE-2022-28367
CVE-2022-28367 affects the OWASP AntiSamy library (pre-1.6.6) and enables cross-site scripting by smuggling CSS (STYLE) content; the output serializer fails to properly encode CSS content. Multiple connected sources (Nessus, IBM advisories, GitHub GHSA entries) corroborate XSS via STYLE/CSS input...