22 matches found
EUVD-2025-23918
Malicious code in bioql PyPI...
EUVD-2025-23919
Malicious code in bioql PyPI...
EUVD-2025-23920
Malicious code in bioql PyPI...
CVE-2025-55134
In Agora Foundation Agora fall23-Alpha1 before b087490, there is XSS via tag in client/agora/public/js/editorManager.js...
CVE-2025-55135
In Agora Foundation Agora fall23-Alpha1 before 690ce56, there is XSS via a profile picture to server/controller/userController.js. Formats other than PNG, JPEG, and WEBP are permitted by server/routes/userRoutes.js; this includes SVG...
CVE-2025-55135
In Agora Foundation Agora fall23-Alpha1 before 690ce56, there is XSS via a profile picture to server/controller/userController.js. Formats other than PNG, JPEG, and WEBP are permitted by server/routes/userRoutes.js; this includes SVG...
CVE-2025-55134
In Agora Foundation Agora fall23-Alpha1 before b087490, there is XSS via tag in client/agora/public/js/editorManager.js...
CVE-2025-55133
In Agora Foundation Agora fall23-Alpha1 before b087490, there is XSS via topicName in client/agora/public/js/editorManager.js...
CVE-2025-55134
In Agora Foundation Agora fall23-Alpha1 before b087490, there is XSS via tag in client/agora/public/js/editorManager.js...
CVE-2025-55133
In Agora Foundation Agora fall23-Alpha1 before b087490, there is XSS via topicName in client/agora/public/js/editorManager.js...
PT-2025-32269 · Unknown · Agora Foundation
Name of the Vulnerable Software and Affected Versions: Agora Foundation Agora fall23-Alpha1 versions prior to 690ce56 Description: The application permits file formats other than PNG, JPEG, and WEBP for profile pictures, including SVG. This allows for cross-site scripting XSS via a crafted profil...
CVE-2025-55134
In Agora Foundation Agora fall23-Alpha1 before b087490, there is XSS via tag in client/agora/public/js/editorManager.js...
CVE-2025-55135
In Agora Foundation Agora fall23-Alpha1 before 690ce56, there is XSS via a profile picture to server/controller/userController.js. Formats other than PNG, JPEG, and WEBP are permitted by server/routes/userRoutes.js; this includes SVG...
CVE-2025-55133
In Agora Foundation Agora fall23-Alpha1 before b087490, there is XSS via topicName in client/agora/public/js/editorManager.js...
CVE-2025-55133
In Agora Foundation Agora fall23-Alpha1 before b087490, there is XSS via topicName in client/agora/public/js/editorManager.js...
CVE-2025-55134
In Agora Foundation Agora fall23-Alpha1 before b087490, there is XSS via tag in client/agora/public/js/editorManager.js...
PT-2025-32268 · Unknown · Agora Foundation
Name of the Vulnerable Software and Affected Versions: Agora Foundation versions prior to b087490 Description: The software is susceptible to a cross-site scripting XSS issue due to a vulnerability in how tags are handled. This flaw is located in the client/agora/public/js/editorManager.js file...
PT-2025-32267 · Agora · Agora Foundation
Name of the Vulnerable Software and Affected Versions: Agora Foundation Agora versions prior to b087490 Description: The application is susceptible to a cross-site scripting XSS issue due to improper handling of the topicName parameter within the client/agora/public/js/editorManager.js file...
CVE-2025-55134
Affected software: Agora Foundation fall23-Alpha1 (pre-b087490). The vulnerability is a client-side cross-site scripting (XSS) in editorManager.js caused by improper handling of the tag parameter. Impact is XSS exposure via that field; no exploitation details are provided beyond this. Mitigation:...
CVE-2025-55133
CVE-2025-55133 affects Agora Foundation Agora fall23-Alpha1 prior to build b087490 , with a cross-site scripting (XSS) flaw exposed via the topicName parameter in client/agora/public/js/editorManager.js . The underlying issue is improper handling of topicName leading to script injection. The CVSS...