PT-2019-6379 · Red Hat+4 · Hibernate Validator+4

Publicado

2019-03-27

Atualizado

2025-09-29

CVE-2019-10219

CVSS v3.1

6.5

Média

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Hibernate Validator (affected versions not specified)

Description The issue is related to the SafeHtml validator in Hibernate Validator, which fails to properly sanitize HTML content. This can lead to an XSS attack when an attacker sends malicious code in HTML comments or instructions. The vulnerability can be exploited remotely.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

ALSA-2025_16880

ALT-PU-2021-3241

ALT-PU-2022-1082

ALT-PU-2022-1083

ALT-PU-2022-1084

ALT-PU-2022-1085

ALT-PU-2022-1086

ALT-PU-2022-1182

ALT-PU-2022-1183

ALT-PU-2022-1184

ALT-PU-2022-1185

ALT-PU-2022-1186

ALT-PU-2022-2171

ALT-PU-2023-1912

ALT-PU-2023-4088

ALT-PU-2023-4089

ALT-PU-2023-4090

ALT-PU-2023-4664

ALT-PU-2023-4665

ALT-PU-2023-4729

ALT-PU-2023-4730

BDU:2023-05424

CVE-2019-10219

GHSA-M8P2-495H-CCMH

OESA-2021-1332

RHSA-2020:0159

RHSA-2020:0160

RHSA-2020:0161

RHSA-2020:4366

Produtos afetados

Alt Linux

Debian

Hibernate Validator

Red Os

Virtualbox

PT-2019-6379 · Red Hat+4 · Hibernate Validator+4

CVE-2019-10219

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 46