CVE-2011-4457

Publication date

2011-11-17 23:00:00

Family

mitre

State

PUBLISHED

Description

OWASP HTML Sanitizer (aka owasp-java-html-sanitizer) before 88, when JavaScript is disabled, allows user-assisted remote attackers to obtain potentially sensitive information via a crafted FORM element within a NOSCRIPT element.