3 matches found
CVE-2025-66021
OWASP Java HTML Sanitizer is a configureable HTML Sanitizer written in Java, allowing inclusion of HTML authored by third-parties in web applications while protecting against XSS. In version 20240325.1, OWASP java html sanitizer is vulnerable to XSS if HtmlPolicyBuilder allows noscript and style...
au.csiro.pathling:fhir-server (>=6.2.2 <=7.2.0), br.com.jarch:jarch-apt (>=20.7.0 <=25.12.0) +746 more potentially affected by CVE-2025-66021 via com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer (>=r136 <=20240325.1)
com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer MAVEN version =r136, =6.2.2, =20.7.0, =24.2.0, =20.7.0, =23.1.0, =24.2.0, =6.6.0, =6.6.0, =6.6.0, =6.6.0, =6.6.0, =6.6.0, =6.6.0, =8.6.8 and more Source cves: CVE-2025-66021 Source advisory:...
CVE-2025-66021
creationtimestamp| type| source ---|---|--- 2025-11-25 00:00:02+00:00| published-proof-of-concept| https://github.com/OWASP/java-html-sanitizer/security/advisories/GHSA-g9gq-3pfx-2gw2 2026-02-20 13:38:22+00:00| seen| https://www.acn.gov.it/portale/w/aggiornamenti-di-sicurezza-prodotti-atlassian...