10 matches found
EUVD-2024-3327
Malicious code in bioql PyPI...
HTML Injection
org.hibernate.validator, hibernate-validator is vulnerable to HTML Injection. The vulnerability is due to improper validation in the 'isValid' method of the SafeHtmlValidator class, where the tag ending can be omitted by using a less-than character, allowing invalid HTML to be rendered...
hibernate-validator Cross-site Scripting vulnerability
A flaw was found in hibernate-validator's 'isValid' method in the org.hibernate.validator.internal.constraintvalidators.hv.SafeHtmlValidator class, which can be bypassed by omitting the tag ending in a less-than character. Browsers may render an invalid html, allowing HTML injection or...
CVE-2023-1932
A flaw was found in hibernate-validator's 'isValid' method in the org.hibernate.validator.internal.constraintvalidators.hv.SafeHtmlValidator class, which can be bypassed by omitting the tag ending in a less-than character. Browsers may render an invalid html, allowing HTML injection or...
DEBIAN-CVE-2023-1932
A flaw was found in hibernate-validator's 'isValid' method in the org.hibernate.validator.internal.constraintvalidators.hv.SafeHtmlValidator class, which can be bypassed by omitting the tag ending in a less-than character. Browsers may render an invalid html, allowing HTML injection or...
CVE-2023-1932
A flaw was found in hibernate-validator's 'isValid' method in the org.hibernate.validator.internal.constraintvalidators.hv.SafeHtmlValidator class, which can be bypassed by omitting the tag ending in a less-than character. Browsers may render an invalid html, allowing HTML injection or...
CVE-2023-1932 Hibernate-validator: rendering of invalid html with safehtml leads to html injection and xss
A flaw was found in hibernate-validator's 'isValid' method in the org.hibernate.validator.internal.constraintvalidators.hv.SafeHtmlValidator class, which can be bypassed by omitting the tag ending in a less-than character. Browsers may render an invalid html, allowing HTML injection or...
PT-2024-11944 · Unknown +1 · Hibernate Validator +1
Name of the Vulnerable Software and Affected Versions: hibernate-validator affected versions not specified Description: A flaw was found in hibernate-validator's 'isValid' method in the org.hibernate.validator.internal.constraintvalidators.hv.SafeHtmlValidator class, which can be bypassed by...
CVE-2023-1932
A flaw was found in hibernate-validator's 'isValid' method in the org.hibernate.validator.internal.constraintvalidators.hv.SafeHtmlValidator class, which can be bypassed by omitting the tag ending in a less-than character. Browsers may render an invalid html, allowing HTML injection or...
Cross-site Scripting (XSS)
hibernate-validator is vulnerable to cross-site scripting XSS. The vulnerability exists as the SafeHtml annotation from SafeHtmlValidator does not properly sanitize payloads in HTML comments...