1 results (0.004 seconds)
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 1
CVE-2021-42575 – owasp-java-html-sanitizer: improper policies enforcement may lead to remote code execution
https://notcve.org/view.php?id=CVE-2021-42575
The OWASP Java HTML Sanitizer before 20211018.1 does not properly enforce policies associated with the SELECT, STYLE, and OPTION elements. OWASP Java HTML Sanitizer versiones anteriores a 20211018.1, no aplica apropiadamente las políticas asociadas a los elementos SELECT, STYLE y OPTION • https://docs.google.com/document/d/11SoX296sMS0XoQiQbpxc5pNxSdbJKDJkm5BDv0zrX50 https://www.oracle.com/security-alerts/cpujan2022.html https://www.oracle.com/security-alerts/cpujul2022.html https://access.redhat.com/security/cve/CVE-2021-42575 https://bugzilla.redhat.com/show_bug.cgi?id=2027195 • CWE-20: Improper Input Validation •