Vulnerability Details CVE-2011-4457
OWASP HTML Sanitizer (aka owasp-java-html-sanitizer) before 88, when JavaScript is disabled, allows user-assisted remote attackers to obtain potentially sensitive information via a crafted FORM element within a NOSCRIPT element.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 44.7%
CVSS Severity
CVSS v2 Score 2.6
References
Products affected by CVE-2011-4457
-
cpe:2.3:a:owasp-java-html-sanitizer_project:owasp-java-html-sanitizer:*
-
cpe:2.3:a:owasp-java-html-sanitizer_project:owasp-java-html-sanitizer:42
-
cpe:2.3:a:owasp-java-html-sanitizer_project:owasp-java-html-sanitizer:48
-
cpe:2.3:a:owasp-java-html-sanitizer_project:owasp-java-html-sanitizer:50
-
cpe:2.3:a:owasp-java-html-sanitizer_project:owasp-java-html-sanitizer:74