CVE-2019-10219
CVE-2019-10219
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Produtos afetados
Hibernate · hibernate-validatorQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://access.redhat.com/errata/RHSA-2020:0159https://access.redhat.com/errata/RHSA-2020:0160https://access.redhat.com/errata/RHSA-2020:0161https://access.redhat.com/errata/RHSA-2020:0164https://access.redhat.com/errata/RHSA-2020:0445https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10219https://github.com/hibernate/hibernate-validator/commit/124b7dd6d9a4ad24d4d49f74701f05a13e56ceehttps://github.com/hibernate/hibernate-validator/commit/124b7dd6d9a4ad24d4d49f74701f05a13e56ceeehttps://github.com/hibernate/hibernate-validator/commit/20d729548511ac5cff6fd459f93de137195420fehttps://github.com/poc-effectiveness/PoCAdaptation/tree/main/Adapted/CVE-2019-10219https://github.com/poc-effectiveness/PoCAdaptation/tree/main/Origin/CVE-2019-10219/exploithttps://lists.apache.org/thread.html/r4f8b4e2541be4234946e40d55859273a7eec0f4901e8080ce2406fe6%40%3Cnotifications.accumulo.apache.org%3E