109 matches found
@agentscope-ai/chat (>=1.1.43 <=1.1.63-beta.1778041790294), @ant-design/charts (>=2.2.2 <=2.6.7) +72 more potentially affected by unknown CVE via @antv/g-svg (>=2.0.0 <=2.1.1)
@antv/g-svg NPM version =2.0.0, =1.1.43, =2.2.2, =2.0.0, =1.0.0, =1.1.0, =2.0.0, =2.0.0, =0.1.6, =0.1.0, =0.1.0, =1.2.0, =2.0.28, =0.0.18, =0.0.23 and more Source cves: unknown CVE Source advisory: OSV:MAL-2026-3962...
MINI-5HJ3-Q77J-3962
Bulletin has no description...
CVE-2026-3962
A vulnerability was identified in Jcharis Machine-Learning-Web-Apps up to a6996b634d98ccec4701ac8934016e8175b60eb5. The impacted element is the function render_template of the file Machine-Learning-Web-Apps-master/Build-n-Deploy-Flask-App-with-Waypoint/app/app.py of the component Jinja2 Template...
CVE-2026-3962
creationtimestamp | type | source
---|---|---
2026-03-11 22:16:00+00:00 | seen | https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-3962...
EUVD-2005-4256
Malware in sbrugna...
CVE-2020-3962
VMware ESXi 7.0 before ESXi7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG, Workstation 15.x before 15.5.5, and Fusion 11.x before 11.5.5 contain a use-after-free vulnerability in the SVGA device. A malicious actor with local access to a virtual machine wi...
CVE-2019-3962
Content Injection vulnerability in Tenable Nessus prior to 8.5.0 may allow an authenticated, local attacker to exploit this vulnerability by convincing another targeted Nessus user to view a malicious URL and use Nessus to send fraudulent messages. Successful exploitation could allow the...
CVE-2025-3962
A vulnerability classified as problematic was found in withstars Books-Management-System 1.0. This vulnerability affects unknown code of the file /api/comment/add of the component Comment Handler. The manipulation of the argument content leads to cross site scripting. The attack can be initiated...
CVE-2025-3962
creationtimestamp | type | source
---|---|---
2025-04-27 07:09:13+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/13606
2025-04-27 07:35:40+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lnrqil2sr62d
2025-04-27 10:28:06+00:00 | seen |...
CVE-2025-3962 withstars Books-Management-System Comment add cross site scripting
A vulnerability classified as problematic was found in withstars Books-Management-System 1.0. This vulnerability affects unknown code of the file /api/comment/add of the component Comment Handler. The manipulation of the argument content leads to cross site scripting. The attack can be initiated...
CVE-2025-3962
The CVE-2025-3962 entry affects withstars Books-Management-System 1.0, specifically the /api/comment/add endpoint in the Comment Handler. A cross-site scripting flaw is triggered by manipulating the content argument, enabling remote exploitation. Multiple sources confirm the vulnerability and not...
CVE-2024-3962
The Product Addons & Fields for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ppom_upload_file function in all versions up to, and including, 32.0.18. This makes it possible for unauthenticated attackers to upload arbitrary files...
CVE-2011-3962
creationtimestamp | type | source
---|---|---
2024-03-25 11:49:23+00:00 | seen | https://t.me/ETHICALHACKERSCOMMUNITY2/3889
2024-03-25 14:38:09+00:00 | seen | Telegram/HKj6TR4hMohrGsEUcNFDijNGdim3MCZhggfzha3EYtXw
2024-03-25 14:38:09+00:00 | seen | https://t.me/tengkorakcybercrewz/4400
2024-03-25...
CVE-2023-3962
creationtimestamp | type | source
---|---|---
2023-10-20 20:35:25+00:00 | seen | https://t.me/cibsecurity/72704...
CVE-2023-3962
The Winters theme for WordPress (Winters, WordPress) is affected by CVE-2023-3962: a Reflected Cross-Site Scripting vulnerability caused by prototype pollution and insufficient input sanitization/output escaping. It affects versions up to and including 1.4.3. Impact/ment is defined as an unauthen...
CVE-2022-3962
CVE-2022-3962 affects Kiali and is described as a content spoofing vulnerability. The issue arises because Kiali does not implement proper error handling when the target page or endpoint cannot be found, permitting an attacker to inject arbitrary text via error responses retrieved from the URL. T...
CVE-2022-3962 Kiali: error message spoofing in kiali ui
A content spoofing vulnerability was found in Kiali. It was discovered that Kiali does not implement error handling when the page or endpoint being accessed cannot be found. This issue allows an attacker to perform arbitrary text injection when an error response is retrieved from the URL being...
WordPress winters Theme <= 1.4.3 is vulnerable to Cross Site Scripting (XSS)
Software: winters; Type: Theme; Vulnerable versions: = 1.4.3; Fixed in: N/A; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2023-3962; Patch priority: Low; CVSS severity: Low 7.1; Developer: Claim ownership; PSID: 303bf4cd5b63; Credits: longxi; Required privilege...