56 matches found
CVE-2005-1638
The writeAttrs function in SafeHTML before 1.3.2 does not properly handle quotes in attribute values, which could allow remote attackers to exploit cross-site scripting XSS vulnerabilities in applications that rely on SafeHTML for protection...
EUVD-2005-1640
Malware in sbrugna...
EUVD-2005-0649
Malware in sbrugna...
EUVD-2005-2609
Malware in sbrugna...
ROS-20250822-03
SafeHtml validator vulnerability in Hibernate Validator library is related to failure to take measures to protect web page structure when processing HTML content. web page structure when processing HTML content. Exploitation of the vulnerability could allow an attacker acting remotely to conduct...
Linux Distros Unpatched Vulnerability : CVE-2019-10219
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code...
CVE-2023-1932
A flaw was found in hibernate-validator's 'isValid' method in the org.hibernate.validator.internal.constraintvalidators.hv.SafeHtmlValidator class, which can be bypassed by omitting the tag ending in a less-than character. Browsers may render an invalid html, allowing HTML injection or...
Cross-site Scripting (XSS)
Overview org.hibernate:hibernate-validator is a Hibernate Validator Engine Relocation Artifact. Affected versions of this package are vulnerable to Cross-site Scripting XSS due to the isValid method in the org.hibernate.validator.internal.constraintvalidators.hv.SafeHtmlValidator class, which can...
CVE-2023-29453 Agent 2 package are built with Go version affected by CVE-2023-24538
Templates do not properly consider backticks as Javascript string delimiters, and do not escape them as expected. Backticks are used, since ES6, for JS template literals. If a template contains a Go template action within a Javascript template literal, the contents of the action can be used to...
CVE-2021-44120
SPIP 4.0.0 is affected by a Cross Site Scripting XSS vulnerability in ecrire/public/interfaces.php, adding the function safehtml to the vulnerable fields. An editor is able to modify his personal information. If the editor has an article written and available, when a user goes to the public site...
PT-2022-11995 · Spip +2 · Spip +2
Name of the Vulnerable Software and Affected Versions: SPIP version 4.0.0 Description: The issue concerns a Cross Site Scripting XSS vulnerability in the ecrire/public/interfaces.php file, specifically affecting the "Who are you" and "Website Name" fields. An editor can modify their personal...
OESA-2021-1332 hibernate-validator security update
This is the reference implementation of JSR-349 - Bean Validation 1.1. Bean Validation defines a meta-data model and API for JavaBean as well as method validation. The default meta-data source are annotations, with the ability to override and extend the meta-data through the use of XML validation...
hibernate-validator: safeHTML validator allows XSS
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack...
hibernate-validator: safeHTML validator allows XSS
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack...
hibernate-validator: safeHTML validator allows XSS
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack...
hibernate-validator: safeHTML validator allows XSS
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack...
hibernate-validator: safeHTML validator allows XSS
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack...
hibernate-validator: safeHTML validator allows XSS
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack...
hibernate-validator: safeHTML validator allows XSS
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack...
hibernate-validator: safeHTML validator allows XSS
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack...