HTML Sanitizer Vulnerability in OWASP Product
CVE-2011-4457

Currently unrated

Key Information:

Vendor: Owasp-java-html-sanitizer Project
Status: Owasp-java-html-sanitizer
Vendor: CVE Published:; 17 November 2011

🔔 Create Owasp-java-html-sanitizer Project Vulnerability Alert

What is CVE-2011-4457?

The OWASP HTML Sanitizer, prior to version 88, contains a vulnerability where user-assisted remote attackers can leverage a specially crafted FORM element located within a NOSCRIPT element. This occurs when JavaScript is disabled, posing risks of exposing sensitive information. Users of the affected versions should consider upgrading to eliminate potential security risks.

References

http://owasp-java-html-sanitizer.googlecode.com/svn/trunk...

x_refsource_CONFIRM

http://code.google.com/p/owasp-java-html-sanitizer/wiki/C...

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Nov 17, 2011

CVE-2011-4457 Data

JSON