CVE-2022-24891: Cross-site Scripting in org.owasp.esapi:esapi

CVSS Score (v3.1): 6.1

Basic Information

EPSS Score: 0.56511%
Published: 4/27/2022
Updated: 1/27/2023
KEV Status: No
Technology: Java

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
| --- | --- | --- | --- |
| org.owasp.esapi:esapi | maven | <= 2.2.3.1 | 2.3.0.0 |

Vulnerability Intelligence
Root Cause Analysis: In progress

WAF Protection Rules

WAF Rule

### Impact

There is a potential for an XSS vulnerability in ESAPI caused by an incorrect regular expression for "onsiteURL" in the **antisamy-esapi.xml** configuration file that can cause URLs with the "javascript:" scheme to NOT be sanitized. See the

Reasoning

No analysis available