Cross Site Scripting (XSS)

org.owasp.esapi:esapi is vulnerable to Cross-site Scripting XSS. The Validator.isValidSafeHTML method, which is responsible for determining whether user-supplied input is safe to include in HTML content, exhibits a flaw that can lead to false negatives. This means that the method may incorrectly...