Vulnerabilities > Antisamy Project

DATE CVE VULNERABILITY TITLE RISK
2024-02-02 CVE-2024-23635 Cross-site Scripting vulnerability in Antisamy Project Antisamy
AntiSamy is a library for performing fast, configurable cleansing of HTML coming from untrusted sources.
network
low complexity
antisamy-project CWE-79
6.1
2023-10-09 CVE-2023-43643 Unspecified vulnerability in Antisamy Project Antisamy
AntiSamy is a library for performing fast, configurable cleansing of HTML coming from untrusted sources.
network
low complexity
antisamy-project
6.1
2022-04-21 CVE-2022-28366 Certain Neko-related HTML parsers allow a denial of service via crafted Processing Instruction (PI) input that causes excessive heap memory consumption. 7.5
2022-04-21 CVE-2022-28367 Cross-site Scripting vulnerability in Antisamy Project Antisamy
OWASP AntiSamy before 1.6.6 allows XSS via HTML tag smuggling on STYLE content with crafted input.
network
low complexity
antisamy-project CWE-79
6.1
2022-04-21 CVE-2022-29577 Cross-site Scripting vulnerability in multiple products
OWASP AntiSamy before 1.6.7 allows XSS via HTML tag smuggling on STYLE content with crafted input.
network
low complexity
antisamy-project oracle CWE-79
6.1
2021-07-19 CVE-2021-35043 Cross-site Scripting vulnerability in multiple products
OWASP AntiSamy before 1.6.4 allows XSS via HTML attributes when using the HTML output serializer (XHTML is not affected).
network
low complexity
antisamy-project oracle netapp CWE-79
6.1
2017-09-25 CVE-2017-14735 Cross-site Scripting vulnerability in Antisamy Project Antisamy
OWASP AntiSamy before 1.5.7 allows XSS via HTML5 entities, as demonstrated by use of : to construct a javascript: URL.
network
low complexity
antisamy-project CWE-79
6.1
2016-12-24 CVE-2016-10006 Cross-site Scripting vulnerability in Antisamy Project Antisamy
In OWASP AntiSamy before 1.5.5, by submitting a specially crafted input (a tag that supports style with active content), you could bypass the library protections and supply executable code.
network
low complexity
antisamy-project CWE-79
6.1