7 matches found
CVE-2025-48883
Chrome PHP allows users to start playing with chrome/chromium in headless mode from PHP. Prior to version 1.14.0, CSS Selector expressions are not properly encoded, which can lead to cross-site scripting (XSS) vulnerabilities. This is patched in v1.14.0. As a workaround, users can apply encoding...
Cross-site Scripting (XSS)
Overview: chrome-php/chrome lets you instrument headless chrome/chromium instances from PHP. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to improper encoding in CssSelector. An attacker can inject malicious scripts by crafting malicious CSS Selector expressions...
CVE-2022-28367
OWASP AntiSamy before 1.6.6 allows XSS via HTML tag smuggling on STYLE content with crafted input. The output serializer does not properly encode the supposed Cascading Style Sheets (CSS) content...
GHSA-VP37-2F9P-3VR3 Cross-site Scripting in OWASP AntiSamy
AntiSamy is a library for performing fast, configurable cleansing of HTML coming from untrusted sources. OWASP AntiSamy before 1.6.7 allows XSS via HTML tag smuggling on STYLE content with crafted input. The output serializer does not properly encode the supposed Cascading Style Sheets (CSS) conten...
GHSA-3PQG-4RQG-PG9G Cross-site Scripting in OWASP AntiSamy
OWASP AntiSamy is a library for performing fast, configurable cleansing of HTML coming from untrusted sources. AntiSamy before 1.6.6 allows XSS via HTML tag smuggling on STYLE content with crafted input. The output serializer does not properly encode the supposed Cascading Style Sheets (CSS) conten...
OWASP AntiSamy Cross-Site Scripting Vulnerability
OWASP AntiSamy is a library for HTML and CSS coding from the US-based OWASP Foundation. A cross-site scripting vulnerability exists in OWASP AntiSamy versions prior to 1.6.6, which stems from the serial number output program failing to properly encode cascading style sheet (CSS) content...
PT-2022-5409 · Owasp · Owasp Antisamy
Name of the Vulnerable Software and Affected Versions: OWASP AntiSamy versions prior to 1.6.7. Description: The issue is related to the incorrect encoding of Cascading Style Sheets (CSS) content, allowing for HTML tag smuggling on STYLE content with crafted input. This can lead to cross-site scripti...