Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2021-35043

Disclosure Date: July 19, 2021 (last updated November 28, 2024)
OWASP AntiSamy before 1.6.4 allows XSS via HTML attributes when using the HTML output serializer (XHTML is not affected). This was demonstrated by a javascript: URL with &#00058 as the replacement for the : character.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0