Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 10:8 p.m.10 views

CVE-2022-29577

OWASP AntiSamy before 1.6.7 allows XSS via HTML tag smuggling on STYLE content with crafted input. The output serializer does not properly encode the supposed Cascading Style Sheets CSS content. NOTE: this issue exists because of an incomplete fix for CVE-2022-28367...

6.1CVSS5.5AI score0.01282EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/05 1:43 p.m.94 views

Security Bulletin: There are several vulnerabilities in AntiSamy used by IBM Maximo Asset Management (CVE-2022-28367, CVE-2022-29577)

Summary There are several vulnerabilities in AntiSamy used by IBM Maximo Asset Management . Vulnerability Details CVEID:CVE-2022-28367 DESCRIPTION: AntiSamy is vulnerable to cross-site scripting, caused by improper validation of user-supplied input for Cascading Style Sheets CSS content. A remote...

6.1CVSS6.6AI score0.01282EPSS
Exploits0Affected Software11
Tenable Nessus
Tenable Nessus
added 2022/07/22 12:0 a.m.42 views

Oracle Enterprise Manager Cloud Control (Jul 2022 CPU)

The 13.4.0.0 and 13.5.0.0 versions of Enterprise Manager Base Platform installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2022 CPU advisory. - Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component:...

8.1CVSS6.6AI score0.01282EPSS
Exploits0References5
vulnersOsv
vulnersOsv
added 2022/04/23 12:3 a.m.5 views

cn.acooly:acooly-auth-wechat-authenticator (=5.2.1), cn.herodotus.engine:assistant-sdk-jackson (>=2.7.0.Beta1 <=2.7.0.Beta2) +523 more potentially affected by CVE-2022-29577 via org.owasp.antisamy:antisamy (>=1.4.3 <=1.6.6.1)

org.owasp.antisamy:antisamy MAVEN version =1.4.3, =2.7.0.Beta1, =2.7.0.Beta3, =2.7.0.Beta1, =2.7.0.Beta1, =2.7.0.Beta1, =2.7.0.Beta1, =2.7.0.Beta1, =2.7.0.Beta1, =2.7.0.Beta1, =2.7.0.Beta1, =2.7.0.Beta1, =2.7.0.Beta3, =2.7.0.Beta4 - cn.herodotus.engine:oauth2-sdk-authorization-ui =2.7.0.Beta3 and...

6.1CVSS6.7AI score0.01282EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2022/04/21 11:15 p.m.41 views

CVE-2022-29577

OWASP AntiSamy before 1.6.7 allows XSS via HTML tag smuggling on STYLE content with crafted input. The output serializer does not properly encode the supposed Cascading Style Sheets CSS content. NOTE: this issue exists because of an incomplete fix for CVE-2022-28367...

6.1CVSS6.8AI score0.01282EPSS
Exploits0References4
CVE
CVE
added 2022/04/21 10:42 p.m.158 views

CVE-2022-29577

AntiSamy vulnerability CVE-2022-29577 affects AntiSamy before 1.6.7, allowing cross-site scripting via HTML/CSS content smuggling in STYLE content. The flaw stems from incomplete encoding in the output serializer for CSS/CSS-like input, enabling an attacker to execute script in the victim’s brows...

6.1CVSS6.1AI score0.01282EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2022/04/21 10:42 p.m.35 views

CVE-2022-29577

OWASP AntiSamy before 1.6.7 allows XSS via HTML tag smuggling on STYLE content with crafted input. The output serializer does not properly encode the supposed Cascading Style Sheets CSS content. NOTE: this issue exists because of an incomplete fix for CVE-2022-28367...

6.4AI score0.01282EPSS
Exploits0References3
OSV
OSV
added 2022/04/21 10:42 p.m.33 views

CVE-2022-29577

OWASP AntiSamy before 1.6.7 allows XSS via HTML tag smuggling on STYLE content with crafted input. The output serializer does not properly encode the supposed Cascading Style Sheets CSS content. NOTE: this issue exists because of an incomplete fix for CVE-2022-28367...

6.1CVSS6AI score0.01282EPSS
Exploits0References5
Rows per page
Query Builder