{"id":"CVE-2016-10006","details":"In OWASP AntiSamy before 1.5.5, by submitting a specially crafted input (a tag that supports style with active content), you could bypass the library protections and supply executable code. The impact is XSS.","aliases":["GHSA-683w-6h9j-57wq"],"modified":"2026-03-15T13:51:54.483233Z","published":"2016-12-24T18:59:00.130Z","references":[{"type":"ADVISORY","url":"http://www.securitytracker.com/id/1037532"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/95101"},{"type":"FIX","url":"https://github.com/nahsra/antisamy/issues/2"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"1.5.5"}]},{"events":[{"introduced":"0"},{"fixed":"1.5.5"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-10006.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}