EUVD-2023-2788

Malicious code in bioql PyPI...

CVE-2024-23635

AntiSamy is a library for performing fast, configurable cleansing of HTML coming from untrusted sources. Prior to 1.7.5, there is a potential for a mutation XSS mXSS vulnerability in AntiSamy caused by flawed parsing of the HTML being sanitized. To be subject to this vulnerability the...

CVE-2023-51652

OWASP AntiSamy .NET is a library for performing cleansing of HTML coming from untrusted sources. Prior to version 1.2.0, there is a potential for a mutation cross-site scripting mXSS vulnerability in AntiSamy caused by flawed parsing of the HTML being sanitized. To be subject to this vulnerabilit...

CVE-2023-43643

AntiSamy is a library for performing fast, configurable cleansing of HTML coming from untrusted sources. Prior to version 1.7.4, there is a potential for a mutation XSS mXSS vulnerability in AntiSamy caused by flawed parsing of the HTML being sanitized. To be subject to this vulnerability the...

Linux Distros Unpatched Vulnerability : CVE-2023-43643

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - AntiSamy is a library for performing fast, configurable cleansing of HTML coming from untrusted sources. Prior to version 1.7.4, there is a potential for a...

cn.acooly:acooly-auth-wechat-authenticator (=5.2.1), cn.herodotus.engine:access-core (>=2.7.2.3 <=3.2.2.1) +834 more potentially affected by CVE-2024-23635 via org.owasp.antisamy:antisamy (>=1.4.3 <=1.7.4)

org.owasp.antisamy:antisamy MAVEN version =1.4.3, =2.7.2.3, =2.7.2.3, =2.7.2.3, =3.1.7.3, =2.7.2.3, =2.7.2.3, =2.7.2.3, =2.7.0.0, =3.1.5.1, =2.7.0.Beta1, =2.7.0.0, =2.7.0.Beta1, =2.7.0.0, =2.7.0.0, =3.2.2.1 and more Source cves: CVE-2024-23635 Source advisory: OSV:GHSA-2MRQ-W8PV-5PVQ...

cn.acooly:acooly-auth-wechat-authenticator (=5.2.1), cn.herodotus.engine:assistant-sdk-jackson (>=2.7.0.Beta1 <=2.7.0.Beta2) +523 more potentially affected by CVE-2022-29577 via org.owasp.antisamy:antisamy (>=1.4.3 <=1.6.6.1)

org.owasp.antisamy:antisamy MAVEN version =1.4.3, =2.7.0.Beta1, =2.7.0.Beta3, =2.7.0.Beta1, =2.7.0.Beta1, =2.7.0.Beta1, =2.7.0.Beta1, =2.7.0.Beta1, =2.7.0.Beta1, =2.7.0.Beta1, =2.7.0.Beta1, =2.7.0.Beta1, =2.7.0.Beta3, =2.7.0.Beta4 - cn.herodotus.engine:oauth2-sdk-authorization-ui =2.7.0.Beta3 and...

com.antheminc.oss:nimbus-core (>=1.1.7 <=1.2.0.M5), com.antheminc.oss:nimbus-entity-dsl (>=1.1.7 <=1.2.0.M5) +110 more potentially affected by CVE-2021-35043 via org.owasp.antisamy:antisamy (>=1.5.7 <=1.6.3)

org.owasp.antisamy:antisamy MAVEN version =1.5.7, =1.1.7, =1.1.7, =1.1.7, =1.1.7, =1.1.7, =1.2.1, =1.2.1, =1.2.1, =1.0.5, =1.0.5, =1.0.5, =1.0.5, =1.5.14, =1.5.14, =1.5.14, =1.5.26 and more Source cves: CVE-2021-35043 Source advisory: OSV:GHSA-9C8W-JRW3-Q2C3...

PT-2021-3745 · Owasp +1 · Owasp Antisamy +1

Name of the Vulnerable Software and Affected Versions: OWASP AntiSamy versions prior to 1.6.4 Description: The issue allows for cross-site scripting XSS attacks via HTML attributes when using the HTML output serializer. This was demonstrated by a javascript: URL, where the colon character was...

cn.acooly:acooly-auth-wechat-authenticator (=5.2.1), co.pishfa.accelerate:accelerate-core (>=1.0.0 <=1.0.15) +425 more potentially affected by CVE-2016-10006 via org.owasp.antisamy:antisamy (>=1.4.3 <=1.5.3)

org.owasp.antisamy:antisamy MAVEN version =1.4.3, =1.0.0, =1.0.0, =1.0.1 - co.pishfa.accelerate:accelerate-service =1.0.0 - com.acooly:acooly-component-account =5.2.1 - com.acooly:acooly-component-app =5.2.1 - com.acooly:acooly-component-assetmgmt =5.2.1 - com.acooly:acooly-component-certificatio...

OWASP AntiSamy Security Bypass Vulnerability

OWASP AntiSamy is a library for HTML and CSS coding from the OWASP Foundation in the United States. A security bypass vulnerability exists in OWASP AntiSamy. An attacker can exploit this vulnerability by submitting specially crafted input to bypass the library's security protections and submit...

UBUNTU-CVE-2016-10006

In OWASP AntiSamy before 1.5.5, by submitting a specially crafted input a tag that supports style with active content, you could bypass the library protections and supply executable code. The impact is XSS...

DEBIAN-CVE-2016-10006

In OWASP AntiSamy before 1.5.5, by submitting a specially crafted input a tag that supports style with active content, you could bypass the library protections and supply executable code. The impact is XSS...