Enterprise Security Api Security Vulnerabilities and Issues — Enterprise Security Api CVE List

Lucene search

OwaspEnterprise Security Api

1 matches found

CVE•added 2022/04/27 9:15 p.m.•799 views

CVE-2022-24891

ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library. Prior to version 2.3.0.0, there is a potential for a cross-site scripting vulnerability in ESAPI caused by a incorrect regular expression for "onsiteURL" in the antisamy-esapi.xml configurati...

6.1CVSS5.7AI score0.00153EPSS