-
## CVE-2022-29577 - Medium Severity Vulnerability
Vulnerable Library - antisamy-1.4.3.jar
The OWASP AntiSamy project is a collection of APIs for safely allowing users to supply their own HTML and CS…
-
Hi everyone,
I am currently trying to implement Coraza into my Caddy setup, but for some reason the hostname of blocked requests does not get logged. As you can see in the log samples below, the ho…
-
- Site: [https://preview.owasp-juice.shop](https://preview.owasp-juice.shop)
**New Alerts**
- **Content Security Policy (CSP) Header Not Set** [10038] total: 3:
- [https://preview.owasp-juic…
-
I originally reported this here: "CodeQL XSS False Positives and XSS AutoFix incorrect location for defensive encoding" (https://github.com/orgs/community/discussions/122802), but am reporting it here…
-
Security team is going to add security tests to Postman collections located here: core/dotCMS/src/curl-test
Plus every time there is a new PR related to Postman change (like adding a new resource or s…
-
```
What steps will reproduce the problem?
root@xxx:/usr/local/mantra# sudo ./OWASP\ Mantra
firefoxportable:Debug/Info: 0=./OWASP Mantra
firefoxportable:Debug/Info: dir=/usr/local/mantra
firefoxporta…
```
-
Hello,
I am having a hard time running a quick apache/nginx webserver + waf for demonstration purposes,
I would prefer to use owasp/modsecurity image as a standalone server rather than a reverse proxy,
I…
-
To enhance our project and the next diagram artifact version we added for v1.1, I think we should include information about traditional REST API and websocket architecture into the diagram and how thi…
-
```
What steps will reproduce the problem?
1. set in antisamy.xml
2. run simple scan scan("
```