Lucene search
K

24 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-1609

Malicious code in bioql PyPI...

6.1CVSS6.2AI score0.00962EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-1842

Malicious code in bioql PyPI...

6.1CVSS6.2AI score0.01239EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2022-29577

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OWASP AntiSamy before 1.6.7 allows XSS via HTML tag smuggling on STYLE content with crafted input. The output serializer does not properly encode the supposed...

6.1CVSS6.8AI score0.01239EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 1:4 a.m.9 views

CVE-2022-28367

OWASP AntiSamy before 1.6.6 allows XSS via HTML tag smuggling on STYLE content with crafted input. The output serializer does not properly encode the supposed Cascading Style Sheets CSS content...

6.1CVSS5.6AI score0.00962EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:8 p.m.9 views

CVE-2022-29577

OWASP AntiSamy before 1.6.7 allows XSS via HTML tag smuggling on STYLE content with crafted input. The output serializer does not properly encode the supposed Cascading Style Sheets CSS content. NOTE: this issue exists because of an incomplete fix for CVE-2022-28367...

6.1CVSS5.5AI score0.01239EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2022/04/23 12:3 a.m.26 views

Cross-site Scripting in OWASP AntiSamy

AntiSamy is a library for performing fast, configurable cleansing of HTML coming from untrusted sources. OWASP AntiSamy before 1.6.7 allows XSS via HTML tag smuggling on STYLE content with crafted input. The output serializer does not properly encode the supposed Cascading Style Sheets CSS conten...

6.1CVSS6.1AI score0.01239EPSS
Exploits0References5Affected Software1
Veracode
Veracode
added 2022/04/22 8:29 a.m.26 views

Cross-site Scripting (XSS)

org.owasp.antisamy:antisamy is vulnerable to cross-site scriptingXSS attacks. The output serializer does not properly encode the cascading style sheetCSS content, allowing an attacker to conduct HTML tag smuggling on STYLE content with the use of a specifically crafted user input, resulting in...

6.1CVSS0.6AI score0.00962EPSS
Exploits0References3Affected Software2
NVD
NVD
added 2022/04/21 11:15 p.m.18 views

CVE-2022-29577

OWASP AntiSamy before 1.6.7 allows XSS via HTML tag smuggling on STYLE content with crafted input. The output serializer does not properly encode the supposed Cascading Style Sheets CSS content. NOTE: this issue exists because of an incomplete fix for CVE-2022-28367...

6.1CVSS0.01239EPSS
Exploits0References3
OSV
OSV
added 2022/04/21 11:15 p.m.37 views

CVE-2022-28367

OWASP AntiSamy before 1.6.6 allows XSS via HTML tag smuggling on STYLE content with crafted input. The output serializer does not properly encode the supposed Cascading Style Sheets CSS content...

6.1CVSS5.8AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/04/21 11:15 p.m.2 views

CVE-2022-28367

OWASP AntiSamy before 1.6.6 allows XSS via HTML tag smuggling on STYLE content with crafted input. The output serializer does not properly encode the supposed Cascading Style Sheets CSS content...

6.1CVSS5.9AI score0.00962EPSS
Exploits0References3
OSV
OSV
added 2022/04/21 11:15 p.m.1 views

DEBIAN-CVE-2022-28367

OWASP AntiSamy before 1.6.6 allows XSS via HTML tag smuggling on STYLE content with crafted input. The output serializer does not properly encode the supposed Cascading Style Sheets CSS content...

6.1CVSS5.9AI score0.00962EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/04/21 11:15 p.m.6 views

CVE-2022-29577

OWASP AntiSamy before 1.6.7 allows XSS via HTML tag smuggling on STYLE content with crafted input. The output serializer does not properly encode the supposed Cascading Style Sheets CSS content. NOTE: this issue exists because of an incomplete fix for CVE-2022-28367...

6.1CVSS7.2AI score0.01239EPSS
Exploits0References4
OSV
OSV
added 2022/04/21 11:15 p.m.31 views

CVE-2022-29577

OWASP AntiSamy before 1.6.7 allows XSS via HTML tag smuggling on STYLE content with crafted input. The output serializer does not properly encode the supposed Cascading Style Sheets CSS content. NOTE: this issue exists because of an incomplete fix for CVE-2022-28367...

6.1CVSS6AI score
Exploits0References3
UbuntuCve
UbuntuCve
added 2022/04/21 11:15 p.m.38 views

CVE-2022-28367

OWASP AntiSamy before 1.6.6 allows XSS via HTML tag smuggling on STYLE content with crafted input. The output serializer does not properly encode the supposed Cascading Style Sheets CSS content...

6.1CVSS6.3AI score0.00962EPSS
Exploits0References5
Prion
Prion
added 2022/04/21 11:15 p.m.19 views

Design/Logic Flaw

OWASP AntiSamy before 1.6.6 allows XSS via HTML tag smuggling on STYLE content with crafted input. The output serializer does not properly encode the supposed Cascading Style Sheets CSS content...

4.3CVSS5.9AI score0.00962EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/04/21 11:15 p.m.2 views

UBUNTU-CVE-2022-29577

OWASP AntiSamy before 1.6.7 allows XSS via HTML tag smuggling on STYLE content with crafted input. The output serializer does not properly encode the supposed Cascading Style Sheets CSS content. NOTE: this issue exists because of an incomplete fix for CVE-2022-28367...

6.1CVSS6AI score0.01239EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2022/04/21 11:15 p.m.36 views

CVE-2022-29577

OWASP AntiSamy before 1.6.7 allows XSS via HTML tag smuggling on STYLE content with crafted input. The output serializer does not properly encode the supposed Cascading Style Sheets CSS content. NOTE: this issue exists because of an incomplete fix for CVE-2022-28367...

6.1CVSS6.8AI score0.01239EPSS
Exploits0References4
Prion
Prion
added 2022/04/21 11:15 p.m.25 views

Design/Logic Flaw

OWASP AntiSamy before 1.6.7 allows XSS via HTML tag smuggling on STYLE content with crafted input. The output serializer does not properly encode the supposed Cascading Style Sheets CSS content. NOTE: this issue exists because of an incomplete fix for CVE-2022-28367...

4.3CVSS6.1AI score0.01239EPSS
Exploits0References3Affected Software3
OSV
OSV
added 2022/04/21 11:15 p.m.1 views

UBUNTU-CVE-2022-28367

OWASP AntiSamy before 1.6.6 allows XSS via HTML tag smuggling on STYLE content with crafted input. The output serializer does not properly encode the supposed Cascading Style Sheets CSS content...

6.1CVSS5.8AI score0.00962EPSS
Exploits0References6
CVE
CVE
added 2022/04/21 10:42 p.m.158 views

CVE-2022-29577

AntiSamy vulnerability CVE-2022-29577 affects AntiSamy before 1.6.7, allowing cross-site scripting via HTML/CSS content smuggling in STYLE content. The flaw stems from incomplete encoding in the output serializer for CSS/CSS-like input, enabling an attacker to execute script in the victim’s brows...

6.1CVSS6.1AI score0.01239EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder