CVE-2021-23899
CVSS v3.1
9.8 (Critical)
CVSS v2.0
7.5 (High)
EPSS
0.24 % (65th)
Affected Products
1
Advisories
1
OWASP json-sanitizer before 1.2.2 may emit closing SCRIPT tags and CDATA section delimiters for crafted input. This allows an attacker to inject arbitrary HTML or XML into embedding documents.
Weaknesses
- CWE-611
- Improper Restriction of XML External Entity Reference
- CVE Status
- PUBLISHED
- CNA
- MITRE
- Published Date
-
2021-01-13 16:15:14
(3 years ago) - Updated Date
-
2021-01-19 18:45:55
(3 years ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...