CVE-2011-4457 Information

Description

OWASP HTML Sanitizer (aka owasp-java-html-sanitizer) before 88 when JavaScript is disabled allows user-assisted remote attackers to obtain potentially sensitive information via a crafted FORM element within a NOSCRIPT element.

Reference

http://code.google.com/p/owasp-java-html-sanitizer/wiki/CVE20114457 http://owasp-java-html-sanitizer.googlecode.com/svn/trunk/CHANGE_LOG.html