Owasp Java_html_sanitizer
2 CVEs affecting Owasp Java_html_sanitizer. Latest disclosed: 2025-11-26. Critical: 1, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-42575 | Critical | 9.8 | 2021-10-18 | The OWASP Java HTML Sanitizer before 20211018.1 does not properly enforce policies associated with the SELECT, STYLE, and OPTION elements. |
CVE-2025-66021 | Medium | 6.1 | 2025-11-26 | OWASP Java HTML Sanitizer is a configureable HTML Sanitizer written in Java, allowing inclusion of HTML authored by third-parties in web applications while pro… |