
6 matches found

NVD
added 2021/01/04 7:15 p.m. | 8 views

CVE-2020-26293

HtmlSanitizer is a .NET library for cleaning HTML fragments and documents from constructs that can lead to XSS attacks. In HtmlSanitizer before version 5.0.372, there is a possible XSS bypass if style tag is allowed. If you have explicitly allowed the tag, an attacker could craft HTML that includ...

6.1 CVSS | 6 AI score | 0.00344 EPSS
Exploits 0 | References 4

OSV
added 2021/01/04 7:15 p.m. | 10 views

CVE-2020-26293

HtmlSanitizer is a .NET library for cleaning HTML fragments and documents from constructs that can lead to XSS attacks. In HtmlSanitizer before version 5.0.372, there is a possible XSS bypass if style tag is allowed. If you have explicitly allowed the tag, an attacker could craft HTML that includ...

6.1 CVSS | 5.9 AI score
Exploits 0 | References 4

Prion
added 2021/01/04 7:15 p.m. | 13 views

Design/Logic Flaw

HtmlSanitizer is a .NET library for cleaning HTML fragments and documents from constructs that can lead to XSS attacks. In HtmlSanitizer before version 5.0.372, there is a possible XSS bypass if style tag is allowed. If you have explicitly allowed the tag, an attacker could craft HTML that includ...

4.3 CVSS | 5.9 AI score | 0.00344 EPSS
Exploits 0 | References 4 | Affected Software 1

OSV
added 2021/01/04 6:22 p.m. | 21 views

GHSA-8J9V-H2VP-2HHV XSS in HtmlSanitizer

Impact: If you have explicitly allowed the <style> tag, an attacker could craft HTML that includes script after passing through the sanitizer. The default settings disallow the <style> tag so there is no risk if you have not explicitly allowed the <style> tag. Patches: The problem has been fixed in version 5.0.372...

6.1 CVSS | 6.1 AI score | 0.00344 EPSS
Exploits 0 | References 5

Github Security Blog
added 2021/01/04 6:22 p.m. | 44 views

XSS in HtmlSanitizer

Impact: If you have explicitly allowed the <style> tag, an attacker could craft HTML that includes script after passing through the sanitizer. The default settings disallow the <style> tag so there is no risk if you have not explicitly allowed the <style> tag. Patches: The problem has been fixed in version 5.0.372...

6.1 CVSS | 6.1 AI score | 0.00344 EPSS
Exploits 0 | References 6 | Affected Software 1

Cvelist
added 2021/01/04 6:20 p.m. | 14 views

CVE-2020-26293 Possible XSS bypass if style tag is allowed

HtmlSanitizer is a .NET library for cleaning HTML fragments and documents from constructs that can lead to XSS attacks. In HtmlSanitizer before version 5.0.372, there is a possible XSS bypass if style tag is allowed. If you have explicitly allowed the tag, an attacker could craft HTML that includ...

6.1 CVSS | 6 AI score | 0.00344 EPSS
Exploits 0 | References 4