3 matches found
October CMS has Safe Mode Bypass via CSS Preprocessor Compilers
A server-side information disclosure vulnerability was identified in the handling of CSS preprocessor files. Backend users with Editor permissions could craft .less, .sass, or .scss files that leverage the compiler's import functionality to read arbitrary files from the server. This worked even...
CVE-2026-35046 Tandoor has a Stored CSS Injection via <style> Tag in Recipe Instructions (API-Level)
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Prior to 2.6.4, Tandoor Recipes allows authenticated users to inject arbitrary tags into recipe step instructions. The bleach.clean sanitizer explicitly whitelists the tag, causing the backend to...
UBUNTU-CVE-2015-5826
WebKit in Apple iOS before 9 does not properly select the cases in which a Cascading Style Sheets CSS document is required to have the text/css content type, which allows remote attackers to bypass the Same Origin Policy via a crafted web site...