14 matches found
EUVD-2022-0075
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-3427
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Deluge Web-UI is vulnerable to XSS through a crafted torrent file. The the data from torrent files is not properly sanitised as it's interpreted directly as...
GHSA-5C8P-QHCH-QHX6 Deluge Web-UI vulnerable to XSS through a crafted torrent file
The Deluge Web-UI is vulnerable to cross-site scripting through a crafted torrent file. The the data from torrent files is not properly sanitised as it's interpreted directly as HTML. Someone who supplies the user with a malicious torrent file can execute arbitrary Javascript code in the context ...
CVE-2021-3427
The Deluge Web-UI is vulnerable to XSS through a crafted torrent file. The the data from torrent files is not properly sanitised as it's interpreted directly as HTML. Someone who supplies the user with a malicious torrent file can execute arbitrary Javascript code in the context of the user's...
CVE-2021-3427
The Deluge Web-UI is vulnerable to XSS through a crafted torrent file. The the data from torrent files is not properly sanitised as it's interpreted directly as HTML. Someone who supplies the user with a malicious torrent file can execute arbitrary Javascript code in the context of the user's...
PYSEC-2022-256
The Deluge Web-UI is vulnerable to XSS through a crafted torrent file. The the data from torrent files is not properly sanitised as it's interpreted directly as HTML. Someone who supplies the user with a malicious torrent file can execute arbitrary Javascript code in the context of the user's...
CVE-2021-3427
The Deluge Web-UI is vulnerable to XSS through a crafted torrent file. The the data from torrent files is not properly sanitised as it's interpreted directly as HTML. Someone who supplies the user with a malicious torrent file can execute arbitrary Javascript code in the context of the user's...
PYSEC-2022-256
The Deluge Web-UI is vulnerable to XSS through a crafted torrent file. The the data from torrent files is not properly sanitised as it's interpreted directly as HTML. Someone who supplies the user with a malicious torrent file can execute arbitrary Javascript code in the context of the user's...
CVE-2021-3427
The Deluge Web-UI is vulnerable to XSS through a crafted torrent file. The the data from torrent files is not properly sanitised as it's interpreted directly as HTML. Someone who supplies the user with a malicious torrent file can execute arbitrary Javascript code in the context of the user's...
Session fixation
The Deluge Web-UI is vulnerable to XSS through a crafted torrent file. The the data from torrent files is not properly sanitised as it's interpreted directly as HTML. Someone who supplies the user with a malicious torrent file can execute arbitrary Javascript code in the context of the user's...
Deluge Web-UI 跨站脚本漏洞
Deluge Web-UI is a full-featured interface built using the ExtJS framework. A security vulnerability exists in Deluge Web-UI because it does not properly sanitize data in torrent files and parses it directly as HTML, allowing whoever provides a malicious torrent file to a user to execute arbitrar...
CVE-2021-3427
The Deluge Web-UI is vulnerable to XSS through a crafted torrent file. The the data from torrent files is not properly sanitised as it's interpreted directly as HTML. Someone who supplies the user with a malicious torrent file can execute arbitrary Javascript code in the context of the user's...
CVE-2021-3427
The Deluge Web-UI is vulnerable to XSS through a crafted torrent file. The the data from torrent files is not properly sanitised as it's interpreted directly as HTML. Someone who supplies the user with a malicious torrent file can execute arbitrary Javascript code in the context of the user's...
Deluge 1.3.13 Cross Site Request Forgery / Code Execution
Remote code execution via CSRF vulnerability in the web UI of Deluge 1.3.13 Kyle Neideck, February 2017 Product ------- Deluge is a BitTorrent client available from http://deluge-torrent.org. Fix --- Fixed in the public source code, but not in binary releases yet. See...