CVE-2015-6748
CVE-2015-6748
| Published Date | 2025-06-25 |
|---|---|
| Product | centos |
| Severity | Medium (6.1) |
| Component | jsoup |
| Affected Versions | CentOS 7 |
| Patched Versions | jsoup-1.6.1-10_ol001.el7 |
CVE Details
OL CVE Issue Summary :
It was found that jsoup did not properly validate user-supplied HTML content; certain HTML snippets could get past the validator without being detected as unsafe. A remote attacker could use a specially crafted HTML snippet to execute arbitrary web script in the user's browser.