CVE-2022-29577 in Antisamyproject and Oracle Products
Published on April 21, 2022

OWASP AntiSamy before 1.6.7 allows XSS via HTML tag smuggling on STYLE content with crafted input. The output serializer does not properly encode the supposed Cascading Style Sheets (CSS) content. NOTE: this issue exists because of an incomplete fix for CVE-2022-28367.

NVD

Products Associated with CVE-2022-29577

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2022-29577 are published in these products:

Antisamyproject Antisamy

Oracle Weblogic Server

Oracle Enterprise Manager Base Platform

Exploit Probability

EPSS

0.24%

Percentile

47.43%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2022-29577 in Antisamyproject and Oracle ProductsPublished on April 21, 2022

Products Associated with CVE-2022-29577

Exploit Probability

CVE-2022-29577 in Antisamyproject and Oracle Products
Published on April 21, 2022