Vulnerabilities in OWASP
7 resultsCVE-2022-39955HIGHPartial rule set bypass in OWASP ModSecurity Core Rule Set by submitting a specially crafted HTTP Content-Type headerEPSS 1.1%CVE-2021-4247MEDIUMOWASP NodeGoat Query Parameter research.js denial of serviceEPSS 1.0%CVE-2022-39958HIGHResponse body bypass in OWASP ModSecurity Core Rule Set via repeated HTTP Range header submission with a small byte rangeEPSS 0.9%CVE-2022-39956HIGHPartial rule set bypass in OWASP ModSecurity Core Rule Set for HTTP multipart requests using character encoding in the Content-Type or Content-Transfer-Encoding headerEPSS 0.9%CVE-2022-39957HIGHResponse body bypass in OWASP ModSecurity Core Rule Set via a specialy crafted charset in the HTTP Accept headerEPSS 0.8%CVE-2026-3816MEDIUMOWASP DefectDojo SonarQubeParser/MSDefenderParser parser.py input_zip.read denial of serviceEPSS 0.5%CVE-2025-66021HIGHOWASP Java HTML Sanitizer is vulnerable to XSS via noscript tag and improper style tag sanitizationEPSS 0.2%