This issue was moved to a discussion.
You can continue the conversation there. Go to discussion →
Validator.isValidSafeHTML() is vulnerable as per CVE-2023-4780 #835
Labels
You can continue the conversation there. Go to discussion →
Hi Team,
Our organization has filed security finding in our application because of usagae of ESAPI open source library in our application. Based on investigation, finding is filed because of CVE-2023-4780, presence of method Validator.isValidSafeHTML(). As per GHSA-r68h-jhhj-9jvm , this method will be deleted in next one year. We would like to know in which release this method will be deleted and if there is any short term remediation through which we can resolve this finding?
Thanks,
Adwait Joshi
The text was updated successfully, but these errors were encountered: