📦 Middleware Common Libraries And Tools

CVE-2022-23305 is an SQL injection vulnerability in Log4j 1.2.x's JDBCAppender that allows attackers to execute arbitrary SQL queries by injecting malicious strings into application inputs that get lo...

CVE-2021-42575 is a critical vulnerability in the OWASP Java HTML Sanitizer that allows bypassing HTML sanitization policies for SELECT, STYLE, and OPTION elements. This enables cross-site scripting (...

This vulnerability in XMLBeans XML parsers allows attackers to perform XML Entity Expansion (XXE) attacks by submitting malicious XML input. It affects all applications using XMLBeans up to version 2....