3 matches found
Medium: jsoup
Issue Overview: jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting XSS safety. jsoup may incorrectly sanitize HTML including javascript: URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default...
Information Exposure
Overview Affected versions of this package are vulnerable to Information Exposure in ojoptions.rb, when FLUENTOJOPTIONMODE is set to the non-default value object. Remediation Upgrade fluentd to version 1.15.3 or higher. References - GitHub Commit Credit: Peter Stöckli...
DEBIAN-CVE-2022-36033
jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting XSS safety. jsoup may incorrectly sanitize HTML including javascript: URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default...