htmlcleaner is vulnerable to information disclosure. Multiple race conditions in src/main/java/org/htmlcleaner/HtmlCleaner.java
, when performing rapid mail-sending or draft-saving operations, allow a remote authenticated attacker to read private e-mails of other users by leveraging on the lack of thread safety.
CPE | Name | Operator | Version |
---|---|---|---|
htmlcleaner | le | 2.5 |