Known Vulnerabilities for products from Antisamy Project

Listed below are 7 of the newest known vulnerabilities associated with the vendor "Antisamy Project".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2023-43643 json AntiSamy is a library for performing fast, configurable cleansing of HTML coming from untrusted sources. Prior to version 1.7... 6.1 - MEDIUM 2023-10-09 2023-10-13
CVE-2022-29577 json OWASP AntiSamy before 1.6.7 allows XSS via HTML tag smuggling on STYLE content with crafted input. The output serializer does... 6.1 - MEDIUM 2022-04-21 2023-02-23
CVE-2022-28367 json OWASP AntiSamy before 1.6.6 allows XSS via HTML tag smuggling on STYLE content with crafted input. The output serializer does... 6.1 - MEDIUM 2022-04-21 2022-05-03
CVE-2022-28366 json Certain Neko-related HTML parsers allow a denial of service via crafted Processing Instruction (PI) input that causes excessi... 7.5 - HIGH 2022-04-21 2023-12-07
CVE-2021-35043 json OWASP AntiSamy before 1.6.4 allows XSS via HTML attributes when using the HTML output serializer (XHTML is not affected). Thi... 6.1 - MEDIUM 2021-07-19 2022-10-29
CVE-2017-14735 json OWASP AntiSamy before 1.5.7 allows XSS via HTML5 entities, as demonstrated by use of : to construct a javascript: URL. 6.1 - MEDIUM 2017-09-25 2021-07-20
CVE-2016-10006 json In OWASP AntiSamy before 1.5.5, by submitting a specially crafted input (a tag that supports style with active content), you ... 6.1 - MEDIUM 2016-12-24 2019-11-14

Known software with vulnerabilities from Antisamy Project

Type Vendor Product Version
ApplicationAntisamy ProjectAntisamy1.4.1