Security Bulletin: Cross-Site Scripting (XSS) Vulnerability in OWASP Java HTML Sanitizer via HtmlPolicyBuilder noscript/style Tags (v20240325.1), affects watsonx.data

Summary A vulnerability in OWASP Java HTML Sanitizer v20240325.1 allows Cross-Site Scripting XSS when HtmlPolicyBuilder permits noscript or style tags with allowTextIn. Unsanitized CSS or unexpected tags can be exploited by attackers. No patch is available at the time of this publication. This ca...

Owasp Json-sanitizer 安全漏洞

Owasp Json-sanitizer is a Java-based code library from the OWASP Foundation that generates Json format data from Json like text content. A security vulnerability exists in Owasp Json-sanitizer version 20240325.1, which stems from HtmlPolicyBuilder allowing noscript and style tags, which could lea...

OWASP Java HTML Sanitizer is vulnerable to XSS via noscript tag and improper style tag sanitization

Summary It is observed that OWASP java html sanitizer is vulnerable to XSS if HtmlPolicyBuilder allows noscript and style tags with allowTextIn inside the style tag. This could lead to XSS if the payload is crafted in such a way that it does not sanitise the CSS and allows tags which is not...

GHSA-G9GQ-3PFX-2GW2 OWASP Java HTML Sanitizer is vulnerable to XSS via noscript tag and improper style tag sanitization

Summary It is observed that OWASP java html sanitizer is vulnerable to XSS if HtmlPolicyBuilder allows noscript and style tags with allowTextIn inside the style tag. This could lead to XSS if the payload is crafted in such a way that it does not sanitise the CSS and allows tags which is not...

EUVD-2025-34643

When a BIG-IP Advanced WAF or ASM security policy is configured with a URL greater than 1024 characters in length for the Data Guard Protection Enforcement setting, either manually or through the automatic Policy Builder, the bd process can terminate repeatedly. Note: Software versions which have...

CVE-2025-61938

When a BIG-IP Advanced WAF or ASM security policy is configured with a URL greater than 1024 characters in length for the Data Guard Protection Enforcement setting, either manually or through the automatic Policy Builder, the bd process can terminate repeatedly. Note: Software versions which have...

CVE-2025-61938 BIG-IP Advanced WAF and ASM bd process vulnerability

When a BIG-IP Advanced WAF or ASM security policy is configured with a URL greater than 1024 characters in length for the Data Guard Protection Enforcement setting, either manually or through the automatic Policy Builder, the bd process can terminate repeatedly. Note: Software versions which have...

CVE-2025-61938

CVE-2025-61938 affects BIG-IP Advanced WAF/ASM when a Data Guard Protection Enforcement URL exceeds 1024 characters, causing the bd process to terminate repeatedly and prompting a DoS risk. Exploitation details are not described beyond this configuration-based trigger in the provided sources. Mit...

EUVD-2019-16224

Malware in sbrugna...

EUVD-2018-1199

Malware in sbrugna...

EUVD-2018-1197

Malware in sbrugna...

How to Create an OS-Based Policy Scanning Workflow in InsightVM

When you first start setting up InsightVM, the No. 1 thing you should be focused on is building sites, running scans, and kicking off reports to start building your vulnerability management program. Once you start feeling comfortable with the vulnerability management flow, policy scanning should ...

Authentication Error Vulnerability in Multiple F5 Products

F5 BIG-IP ASM and others are products of F5 Corporation, U.S.A. F5 BIG-IP ASM is a Web Application Firewall WAF, and F5 Enterprise Manager is a tool that provides a view of the entire BIG-IP Application Delivery Infrastructure and optimizes application performance.F5 BIG-IQ is a set of...

Cisco Policy Suite Security Restriction Bypass Vulnerability

Cisco Policy Suite CPS is a next-generation policy management solution. The solution provides user-based business rules, real-time management of applications and network resources. A security restriction bypass vulnerability exists in the Policy Builder interface in Cisco CPS that stems from the...

Cisco Policy Suite Policy Builder Access Bypass Vulnerability

Cisco Policy Suite is a carrier-grade policy, charging, and subscriber data management solution. A Policy Builder access bypass vulnerability exists in Cisco Policy Suite. The vulnerability stems from a lack of authentication. An attacker can exploit the vulnerability by accessing the Policy...

Cisco Policy Suite Policy Builder Authentication Bypass Vulnerability

Cisco Policy Suite is a carrier-grade policy, charging, and subscriber data management solution. An authentication bypass vulnerability exists in the Policy Builder database of Cisco Policy Suite. The vulnerability stems from a lack of authentication. An attacker can exploit the vulnerability by...

CVE-2018-0393

A Read-Only User Effect Change vulnerability in the Policy Builder interface of Cisco Policy Suite could allow an authenticated, remote attacker to make policy changes in the Policy Builder interface. The vulnerability is due to insufficient authorization controls. An attacker could exploit this...

CVE-2018-0374

A vulnerability in the Policy Builder database of Cisco Policy Suite before 18.2.0 could allow an unauthenticated, remote attacker to connect directly to the Policy Builder database. The vulnerability is due to a lack of authentication. An attacker could exploit this vulnerability by connecting...

CVE-2018-0376

A vulnerability in the Policy Builder interface of Cisco Policy Suite before 18.2.0 could allow an unauthenticated, remote attacker to access the Policy Builder interface. The vulnerability is due to a lack of authentication. An attacker could exploit this vulnerability by accessing the Policy...

CVE-2018-0374

A vulnerability in the Policy Builder database of Cisco Policy Suite before 18.2.0 could allow an unauthenticated, remote attacker to connect directly to the Policy Builder database. The vulnerability is due to a lack of authentication. An attacker could exploit this vulnerability by connecting...