113 matches found
ejs 安全漏洞
Github ejs are embedded JavaScript templates. A security vulnerability exists in ejs Embedded JavaScript templates versions prior to 3.1.10, which stems from the lack of some pollution protection...
CVE-2024-33883
The ejs aka Embedded JavaScript templates package before 3.1.10 for Node.js lacks certain pollution protection...
CVE-2024-33883
The ejs aka Embedded JavaScript templates package before 3.1.10 for Node.js lacks certain pollution protection...
Cesanta MJS Denial of Service Vulnerability (CNVD-2024-34384)
Cesanta MJS is an embedded JavaScript engine for C/C++ from Cesanta Ireland. Designed for microcontrollers with limited resources. The main design goals were a small footprint and simple C/C++ interoperability. Cesanta MJS has a denial of service vulnerability that can be exploited by an attacker...
Cesanta MJS Denial of Service Vulnerability (CNVD-2024-27558)
Cesanta MJS is an embedded JavaScript engine for C/C++ from Cesanta Ireland. A denial of service vulnerability exists in Cesanta MJS version 2.20.0, which is caused by a flaw in the mjs+0x4ec508 component. An attacker could exploit this vulnerability to cause a denial of service...
Milesight MilesightVPN requestHandlers.js detail_device cross-site scripting (XSS) vulnerabilities
Talos Vulnerability Report TALOS-2023-1704 Milesight MilesightVPN requestHandlers.js detaildevice cross-site scripting XSS vulnerabilities July 6, 2023 CVE Number CVE-2023-24497,CVE-2023-24496 SUMMARY Cross-site scripting xss vulnerabilities exist in the requestHandlers.js detaildevice...
ejs 注入漏洞
Github ejs is an embedded JavaScript template. An injection vulnerability exists in ejs version v3.1.9, which stems from vulnerability to server-side template injection SSTI attacks, which can be exploited by an attacker to achieve template injection through the configuration settings of the...
Eta 跨站脚本漏洞
Eta is Eta open source a lightweight , fast embedded JS template engine . Can run in Node, Deno and browser . A cross-site scripting vulnerability exists in Eta. An attacker could exploit this vulnerability to perform cross-site scripting attacks...
Code injection
The SVG Support plugin for WordPress defaults to insecure settings in version 2.5 and 2.5.1. SVG files containing malicious javascript are not sanitized. While version 2.5 adds the ability to sanitize image as they are uploaded, the plugin defaults to disable sanitization and does not restrict SV...
Cesanta MJS 代码问题漏洞
Cesanta MJS is an embedded JavaScript engine for C/C++ from Cesanta Ireland. It is designed for microcontrollers with limited resources. The main design goals are a small footprint and simple C/C++ interoperability. A security vulnerability exists in Cesanta MJS mJS: Restricted JavaScript engine...
Cesanta MJS 代码问题漏洞
Cesanta MJS is an embedded JavaScript engine for C/C++ from Cesanta Ireland. It is designed for microcontrollers with limited resources. The main design goals are a small footprint and simple C/C++ interoperability. A security vulnerability exists in Cesanta MJS mJS: Restricted JavaScript engine...
Cesanta MJS 代码问题漏洞
Cesanta MJS is an embedded JavaScript engine for C/C++ from Cesanta Ireland. It is designed for microcontrollers with limited resources. The main design goals are a small footprint and simple C/C++ interoperability. A security vulnerability exists in Cesanta MJS mJS: Restricted JavaScript engine...
Cesanta MJS 代码问题漏洞
Cesanta MJS is an embedded JavaScript engine for C/C++ from Cesanta Ireland. It is designed for microcontrollers with limited resources. The main design goals are a small footprint and simple C/C++ interoperability. A security vulnerability exists in Cesanta MJS mJS: Restricted JavaScript engine...
Cesanta MJS has an unspecified vulnerability (CNVD-2022-77020)
Cesanta MJS is an embedded JavaScript engine for C/C from Cesanta Ireland. It is designed for microcontrollers with limited resources. The main design goals are small footprint and simple C/C interoperability.Cesanta MJS has a security vulnerability that could be exploited by an attacker to cause...
Cesanta MJS has an unspecified vulnerability (CNVD-2022-77023)
Cesanta MJS is an embedded JavaScript engine for C/C from Cesanta Ireland. It is designed for microcontrollers with limited resources. The main design goals are small footprint and simple C/C interoperability.Cesanta MJS has a security vulnerability that could be exploited by an attacker to cause...
DEBIAN-CVE-2022-29078
The ejs aka Embedded JavaScript templates package 3.1.6 for Node.js allows server-side template injection in settingsview optionsoutputFunctionName. This is parsed as an internal option, and overwrites the outputFunctionName option with an arbitrary OS command which is executed upon template...
UBUNTU-CVE-2022-29078
The ejs aka Embedded JavaScript templates package 3.1.6 for Node.js allows server-side template injection in settingsview optionsoutputFunctionName. This is parsed as an internal option, and overwrites the outputFunctionName option with an arbitrary OS command which is executed upon template...
CVE-2022-29078
CVE-2022-29078 affects Node.js ejs, version 3.1.6. The vulnerability is a server-side template injection in settings[view options][outputFunctionName], where input is parsed as an internal option and can overwrite outputFunctionName to execute an arbitrary OS command during template compilation. ...
Cesanta MJS has an unspecified vulnerability (CNVD-2022-77012)
Cesanta MJS is an embedded JavaScript engine for C/C from Cesanta Ireland. It is designed for microcontrollers with limited resources. The main design goals are small footprint and simple C/C interoperability.Cesanta MJS has a security vulnerability that could be exploited by an attacker to cause...
Cesanta MJS has an unspecified vulnerability (CNVD-2022-77013)
Cesanta MJS is an embedded JavaScript engine for C/C from Cesanta Ireland. It is designed for microcontrollers with limited resources. The main design goals are small footprint and simple C/C interoperability.Cesanta MJS has a security vulnerability that could be exploited by an attacker to cause...