Overview
- Description
- A flaw was found in hibernate-validator's 'isValid' method in the org.hibernate.validator.internal.constraintvalidators.hv.SafeHtmlValidator class, which can be bypassed by omitting the tag ending in a less-than character. Browsers may render the invalid HTML, allowing HTML injection or Cross-Site Scripting (XSS) attacks.
- Source
- secalert@redhat.com
- NVD status
- Awaiting Analysis
Risk scores
CVSS 3.1
- Type
- Secondary
- Base score
- 6.1
- Impact score
- 2.7
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
- Severity
- MEDIUM
Weaknesses
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-79
Social media
- Hype score
- Not currently trending
🔒 CVE-2023-1932 (Published: 2024-11-07) affects Red Hat products. Exploited versions include specific releases vulnerable to this low-severity issue. To mitigate risks, ensure you update to the latest patched versions. For more details, check the bug report:… https://t.co/ik6N8E
@transilienceai
10 Nov 2024
🚨 CVE-2023-1932 (Published: 2024-11-07) - A medium severity vulnerability affecting Red Hat products. Exploited in specific versions. Ensure your systems are updated to the latest patches to mitigate risks. For more details, visit: https://t.co/yK8dFc2UWu #CyberSecurity #RedHat
@transilienceai
10 Nov 2024
CVE-2023-1932 A flaw was found in hibernate-validator's 'isValid' method in the org.hibernate.validator.internal.constraintvalidators.hv.SafeHtmlValidator class, which can be bypasse… https://t.co/PpsdiuuqQp
@CVEnew
7 Nov 2024