- CVE ID
- sonatype-2023-4780
- CWE
- N/A
- CVE Description
- esapi - Cross-Site Scripting (XSS)
- Published
- Nov 28, 2023
- CVSS Score & Severity
6.1Medium
- CVSS Vector
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
- EPSS Score
- 0%
- KEV Status
Not in KEV Catalog: No known exploits
- Vulnerable Methods
org/owasp/esapi/Validator.isValidSafeHTML(Ljava/lang/String;Ljava/lang/String;IZ)ZJVM
org/owasp/esapi/Validator.isValidSafeHTML(Ljava/lang/String;Ljava/lang/String;IZLorg/owasp/esapi/ValidationErrorList;)ZJVM
- Source
- Sonatype