Nahsra Antisamy vulnerabilities
2 known vulnerabilities affecting nahsra/antisamy.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2024-23635MEDIUMCVSS 6.1fixed in 1.7.52024-02-02
CVE-2024-23635 [MEDIUM] CWE-79 CVE-2024-23635: AntiSamy is a library for performing fast, configurable cleansing of HTML coming from untrusted sour
AntiSamy is a library for performing fast, configurable cleansing of HTML coming from untrusted sources. Prior to 1.7.5, there is a potential for a mutation XSS (mXSS) vulnerability in AntiSamy caused by flawed parsing of the HTML being sanitized. To be subject to this vulnerability the `preserveComments` directive must be enabled in your policy file
cvelistv5nvd
CVE-2023-43643MEDIUMCVSS 6.1≤ 1.7.32023-10-09
CVE-2023-43643 [MEDIUM] CWE-79 CVE-2023-43643: AntiSamy is a library for performing fast, configurable cleansing of HTML coming from untrusted sour
AntiSamy is a library for performing fast, configurable cleansing of HTML coming from untrusted sources. Prior to version 1.7.4, there is a potential for a mutation XSS (mXSS) vulnerability in AntiSamy caused by flawed parsing of the HTML being sanitized. To be subject to this vulnerability the `preserveComments` directive must be enabled in your pol
cvelistv5nvd