Lucene search

57 matches found

RedHat Linux
added 2020/01/21 2:23 a.m., 8 views

hibernate-validator: safeHTML validator allows XSS

A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack...

6.5 CVSS, 6.9 AI score, 0.02167 EPSS
Exploits 0, References 6

Veracode
added 2020/01/09 12:38 a.m., 38 views

Cross-site Scripting (XSS)

hibernate-validator is vulnerable to cross-site scripting (XSS). The vulnerability exists as the SafeHtml annotation from SafeHtmlValidator does not properly sanitize payloads in HTML comments...

6.1 CVSS, 0.8 AI score, 0.02167 EPSS
Exploits 0, References 22, Affected Software 1

Github Security Blog
added 2020/01/08 5:1 p.m., 102 views

The SafeHtml annotation in Hibernate-Validator does not properly guard against XSS attacks

A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack...

6.5 CVSS, 1.8 AI score, 0.02167 EPSS
Exploits 0, References 27, Affected Software 2

OSV
added 2020/01/08 5:1 p.m., 195 views

GHSA-M8P2-495H-CCMH The SafeHtml annotation in Hibernate-Validator does not properly guard against XSS attacks

A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack...

6.5 CVSS, 7.2 AI score, 0.02167 EPSS
Exploits 0, References 27

OSV
added 2019/11/08 3:15 p.m., 30 views

CVE-2019-10219

A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack...

6.1 CVSS, 5.8 AI score, 0.02167 EPSS
Exploits 0, References 19

NVD
added 2019/11/08 3:15 p.m., 22 views

CVE-2019-10219

A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack...

6.5 CVSS, 6.6 AI score, 0.02167 EPSS
Exploits 0, References 19

OSV
added 2019/11/08 3:15 p.m., 2 views

UBUNTU-CVE-2019-10219

A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack...

6.5 CVSS, 6.7 AI score, 0.02167 EPSS
Exploits 0, References 3

Prion
added 2019/11/08 3:15 p.m., 22 views

Design/Logic Flaw

A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack...

4.3 CVSS, 7.2 AI score, 0.02167 EPSS
Exploits 0, References 14, Affected Software 175

UbuntuCve
added 2019/11/08 3:15 p.m., 29 views

CVE-2019-10219

A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack...

6.5 CVSS, 6.7 AI score, 0.02167 EPSS
Exploits 0, References 2

CVE
added 2019/11/08 2:46 p.m., 287 views

CVE-2019-10219

The CVE-2019-10219 entry affects Hibernate Validator: SafeHtml validator annotation fails to sanitize HTML comments/instructions, enabling XSS in affected code paths. Affected CP4S versions are 1.7.2.0, 1.8.0.0, and 1.8.1.0. Remediation is to upgrade to Cloud Pak for Security 1.9.0.0 per IBM guid...

6.5 CVSS, 6 AI score, 0.02167 EPSS
Exploits 0, References 19, Affected Software 1

Cvelist
added 2019/11/08 2:46 p.m., 32 views

CVE-2019-10219

A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack...

6.5 CVSS, 7.4 AI score, 0.02167 EPSS
Exploits 0, References 18

Debian CVE
added 2019/11/08 2:46 p.m., 36 views

CVE-2019-10219

A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack...

6.5 CVSS, 7 AI score, 0.02167 EPSS
Exploits 0

RedhatCVE
added 2019/08/28 1:21 p.m., 42 views

CVE-2019-10219

A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack...

6.5 CVSS, 1.7 AI score, 0.02167 EPSS
Exploits 0, References 3

OpenVAS
added 2012/06/13 12:0 a.m., 38 views

Microsoft Lync Remote Code Execution Vulnerabilities (2707956)

This host is missing a critical security update according to Microsoft Bulletin MS12-039. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

9.3 CVSS, 5.6 AI score, 0.78285 EPSS
Exploits 8, References 8

Positive Technologies
added 2012/06/12 12:0 a.m., 4 views

PT-2012-3601 · Microsoft · Lync +4

Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer versions 8 through 9; Microsoft Communicator version 2007 R2; Microsoft Lync versions 2010 through 2010 Attendee. Description: The toStaticHTML API, also known as the SafeHTML component, does not properly handle event...

4.3 CVSS, 5.3 AI score, 0.22024 EPSS
Exploits 6, References 13

OpenVAS
added 2011/09/22 12:0 a.m., 34 views

Microsoft SharePoint SafeHTML Information Disclosure Vulnerabilities (2412048)

This host is missing an important security update according to Microsoft Bulletin MS10-072. OpenVAS Vulnerability Test $Id: secpodms10-072.nasl 5362 2017-02-20 12:46:39Z cfi $ Microsoft SharePoint SafeHTML Information Disclosure Vulnerabilities 2412048 Authors: Rachana Shetty Copyright: Copyright...

4.3 CVSS, 8.7 AI score, 0.25016 EPSS
Exploits 2, References 2

OpenVAS
added 2011/09/22 12:0 a.m., 26 views

Microsoft SharePoint SafeHTML Information Disclosure Vulnerabilities (2412048)

This host is missing an important security update according to Microsoft Bulletin MS10-072. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

4.3 CVSS, 4.9 AI score, 0.25016 EPSS
Exploits 2, References 4

Check Point Advisories
added 2011/09/13 12:0 a.m., 11 views

Preemptive Protection against Microsoft Internet Explorer SafeHTML Cross-Site Scripting (MS11-074)

An information disclosure vulnerability has been reported in Internet Explorer. A remote attacker may exploit this vulnerability to perform cross-site scripting attacks and run script in the security context of the logged-on user...

4.3 CVSS, 5.4 AI score, 0.13973 EPSS
Exploits 3

NVD
added 2011/06/16 8:55 p.m., 22 views

CVE-2011-1252

Cross-site scripting (XSS) vulnerability in the SafeHTML function in the toStaticHTML API in Microsoft Internet Explorer 7 and 8, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold and SP1, Groove Server 2010 Gold and SP1, Windows SharePoint Services 3.0 SP2, and SharePoint...

6.1 CVSS, 5.4 AI score, 0.13973 EPSS
Exploits 3, References 5

CVE
added 2011/06/16 8:21 p.m., 69 views

CVE-2011-1252

CVE-2011-1252 corresponds to a cross-site scripting vulnerability in the toStaticHTML SafeHTML function used by Internet Explorer 7/8 and several Microsoft SharePoint-related products (SharePoint Server 2007 SP2, SharePoint Server 2010 SP1, Groove Server 2010, Windows SharePoint Services 3.0 SP2,...

6.1 CVSS, 5.4 AI score, 0.13973 EPSS
Exploits 3, References 5, Affected Software 1