Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

msrc логотип

CVE-2023-24539

Опубликовано: 04 сент. 2025
Источник: msrc
CVSS3: 7.3
EPSS Низкий

Описание

Improper sanitization of CSS values in html/template

EPSS

Процентиль: 21%
0.00065
Низкий

7.3 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2023-24539

CVSS3: 7.3
ubuntu
больше 2 лет назад

Angle brackets (<>) are not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character can result in unexpectedly closing the CSS context and allowing for injection of unexpected HTML, if executed with untrusted input.

redhat логотип

CVE-2023-24539

CVSS3: 7.3
redhat
больше 2 лет назад

Angle brackets (<>) are not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character can result in unexpectedly closing the CSS context and allowing for injection of unexpected HTML, if executed with untrusted input.

nvd логотип

CVE-2023-24539

CVSS3: 7.3
nvd
больше 2 лет назад

Angle brackets (<>) are not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character can result in unexpectedly closing the CSS context and allowing for injection of unexpected HTML, if executed with untrusted input.

debian логотип

CVE-2023-24539

CVSS3: 7.3
debian
больше 2 лет назад

Angle brackets (<>) are not considered dangerous characters when inser ...

github логотип

GHSA-3q6h-q44p-xw88

CVSS3: 7.3
github
больше 2 лет назад

Angle brackets (<>) are not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character can result in unexpectedly closing the CSS context and allowing for injection of unexpected HTML, if executed with untrusted input.

EPSS

Процентиль: 21%
0.00065
Низкий

7.3 High

CVSS3