3 matches found
CVE-2021-23899
OWASP json-sanitizer before 1.2.2 may emit closing SCRIPT tags and CDATA section delimiters for crafted input. This allows an attacker to inject arbitrary HTML or XML into embedding documents...
CVE-2021-23899
OWASP json-sanitizer before 1.2.2 may emit closing SCRIPT tags and CDATA section delimiters for crafted input. This allows an attacker to inject arbitrary HTML or XML into embedding documents...
CVE-2021-23899
CVE-2021-23899 affects the OWASP json-sanitizer library prior to version 1.2.2. The vulnerability arises when the sanitizer emits closing SCRIPT tags and CDATA section delimiters for crafted input, enabling injection of arbitrary HTML or XML into embedding documents. Affected component: json-sani...