16 matches found
EUVD-2024-37304
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-37304
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the DoubleWiki extension for MediaWiki through 1.39.3. includes/DoubleWiki.php allows XSS via the column alignment feature...
CVE-2024-37304
NuGet Gallery is a package repository that powers nuget.org. The NuGetGallery has a security vulnerability related to its handling of autolinks in Markdown content. While the platform properly filters out JavaScript from standard links, it does not adequately sanitize autolinks. This oversight...
CVE-2024-37304
CVE-2024-37304 concerns NuGetGallery, the NuGet.org frontend/back-end, where Markdown autolinks were not properly sanitized. The vulnerability allows XSS via autolinks such as , since autolinks can be rendered with insufficient sanitization despite standard JavaScript link filtering. A patch was ...
CVE-2024-37304 NuGetGallery's Markdown Autolinks Processing Vulnerable to Cross-site Scripting
NuGet Gallery is a package repository that powers nuget.org. The NuGetGallery has a security vulnerability related to its handling of autolinks in Markdown content. While the platform properly filters out JavaScript from standard links, it does not adequately sanitize autolinks. This oversight...
CVE-2024-37304 NuGetGallery's Markdown Autolinks Processing Vulnerable to Cross-site Scripting
NuGet Gallery is a package repository that powers nuget.org. The NuGetGallery has a security vulnerability related to its handling of autolinks in Markdown content. While the platform properly filters out JavaScript from standard links, it does not adequately sanitize autolinks. This oversight...
CVE-2023-37304
An issue was discovered in the DoubleWiki extension for MediaWiki through 1.39.3. includes/DoubleWiki.php allows XSS via the column alignment feature...
CVE-2023-37304
An issue was discovered in the DoubleWiki extension for MediaWiki through 1.39.3. includes/DoubleWiki.php allows XSS via the column alignment feature...
CVE-2023-37304
An issue was discovered in the DoubleWiki extension for MediaWiki through 1.39.3. includes/DoubleWiki.php allows XSS via the column alignment feature...
CVE-2023-37304
CVE-2023-37304 affects the DoubleWiki extension for MediaWiki up to version 1.39.3. The issue is an XSS vulnerability in includes/DoubleWiki.php triggered by the column alignment feature. Exploitation details are not provided in the connected documents; no in‑the‑wild exploitation data is stated....
CVE-2022-37304
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none...
CVE-2021-37304
creationtimestamp| type| source ---|---|--- 2023-02-03 20:20:57+00:00| seen| https://t.me/cibsecurity/57478 2023-05-18 01:00:13+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-37304.yaml 2025-03-26 16:25:31+00:00| published-proof-of-concept...
CVE-2021-37304
An Insecure Permissions issue in jeecg-boot 2.4.5 allows unauthenticated remote attackers to gain escalated privilege and view sensitive information via the httptrace interface...
CVE-2021-37304
An Insecure Permissions issue in jeecg-boot 2.4.5 allows unauthenticated remote attackers to gain escalated privilege and view sensitive information via the httptrace interface...
CVE-2021-37304
CVE-2021-37304 : Insecure permissions in jeecg-boot 2.4.5 allow unauthenticated remote attackers to gain escalated privileges and view sensitive information via the httptrace interface. The root cause is insufficient permission checks, enabling information disclosure and privilege escalation. The...
CVE-2022-37304
CVE-2022-37304 is rejected/not used and does not represent an active vulnerability entry.