Uploaded image for project: 'Keikai'
  1. Keikai
  2. KEIKAI-782

fix org.jsoup:[email protected] vulnerabilities

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Critical Critical
    • 6.0.0
    • 5.12.2
    • None

      Steps to Reproduce

      1. See https://security.snyk.io/package/maven/org.jsoup:jsoup/1.15.1

      Current Result

      Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to improper sanitization of HTML including javascript: URL expressions if the non-default SafeList.preserveRelativeLinks option is enabled and no Content Security Policy is set on the website.

      Expected Result

      depends on a version without the vulnerability

      Debug Information

      • How to fix Cross-site Scripting (XSS)?
        Upgrade org.jsoup:jsoup to version 1.15.3 or higher.

            jumperchen jumperchen
            hawk hawk
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: