Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
OwaspJson-sanitizer

2 matches found

CVE
CVEadded 2021/01/13 4:15 p.m.61 views

CVE-2021-23899

OWASP json-sanitizer before 1.2.2 may emit closing SCRIPT tags and CDATA section delimiters for crafted input. This allows an attacker to inject arbitrary HTML or XML into embedding documents.

9.8CVSS9.3AI score0.00443EPSS
CVE
CVEadded 2021/01/13 4:15 p.m.55 views

CVE-2021-23900

OWASP json-sanitizer before 1.2.2 can output invalid JSON or throw an undeclared exception for crafted input. This may lead to denial of service if the application is not prepared to handle these situations.

7.5CVSS7.4AI score0.00408EPSS