In OWASP AntiSamy before 1.5.5, by submitting a specially crafted input (a tag that supports style with active content), you could bypass the library protections and supply executable code. The impact is XSS.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2016-12-24T18:17:00

Updated: 2024-08-06T03:07:31.588Z

Reserved: 2016-12-19T00:00:00

Link: CVE-2016-10006

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2016-12-24T18:59:00.130

Modified: 2024-11-21T02:43:04.847

Link: CVE-2016-10006

cve-icon Redhat

No data.