Antisamy
Sign in to watchCVEs (2)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-14735 | Med | 0.40 | 6.1 | 0.01 | Sep 25, 2017 | OWASP AntiSamy before 1.5.7 allows XSS via HTML5 entities, as demonstrated by use of : to construct a javascript: URL. | |
| CVE-2016-10006 | Med | 0.40 | 6.1 | 0.01 | Dec 24, 2016 | In OWASP AntiSamy before 1.5.5, by submitting a specially crafted input (a tag that supports style with active content), you could bypass the library protections and supply executable code. The impact is XSS. |