CVE
CVE-2015-6748
| CVE ID |
CVE-2015-6748
|
|---|---|
| CVSS Score |
6.1
|
| Operating System | |
| Affected Versions |
CentOS 7
|
| Patched Versions |
jsoup-1.6.1-10_ol001.el7
|
| Patch Date |
|
| Last Updated Date | |
| Vector String |
Additional Information
OL CVE Issue Summary :
It was found that jsoup did not properly validate user-supplied HTML content; certain HTML snippets could get past the validator without being detected as unsafe.
A remote attacker could use a specially crafted HTML snippet to execute arbitrary web script in the user's browser.