Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2016-10006

Опубликовано: 24 дек. 2016
Источник: debian
EPSS Низкий

Описание

In OWASP AntiSamy before 1.5.5, by submitting a specially crafted input (a tag that supports style with active content), you could bypass the library protections and supply executable code. The impact is XSS.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
libowasp-antisamy-javafixed1.7.4-1package
libowasp-antisamy-javaignoredbookwormpackage
libowasp-antisamy-javano-dsabullseyepackage
libowasp-antisamy-javano-dsabusterpackage
libowasp-antisamy-javano-dsastretchpackage

Примечания

  • https://github.com/nahsra/antisamy/issues/2

EPSS

Процентиль: 76%
0.00992
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2016-10006

CVSS3: 6.1
ubuntu
около 9 лет назад

In OWASP AntiSamy before 1.5.5, by submitting a specially crafted input (a tag that supports style with active content), you could bypass the library protections and supply executable code. The impact is XSS.

nvd логотип

CVE-2016-10006

CVSS3: 6.1
nvd
около 9 лет назад

In OWASP AntiSamy before 1.5.5, by submitting a specially crafted input (a tag that supports style with active content), you could bypass the library protections and supply executable code. The impact is XSS.

github логотип

GHSA-683w-6h9j-57wq

CVSS3: 6.1
github
больше 7 лет назад

OWASP AntiSamy vulnerable to Cross-site Scripting

EPSS

Процентиль: 76%
0.00992
Низкий