Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Content name pattern due to the insecure usage of innerHTML in the getTextHeight function. This is only exploitable if the user has content edit permissions. Details Cross-site scripting or XSS is a code...

PT-2024-35962 · Ibexa · Ibexa Admin Ui Bundle

Name of the Vulnerable Software and Affected Versions: Ibexa Admin UI Bundle versions prior to 4.6.14 Description: A Cross-Site Scripting XSS vulnerability has been found in the Content name pattern mechanism of the Ibexa Admin UI Bundle. This issue can be exploited if an attacker has Content edi...