4 matches found
BIT-JUPYTER-BASE-NOTEBOOK-2026-42557 jupyterlab: Command linker attributes in HTML enable one-click command execution from untrusted content
jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. Prior to 4.5.7, JupyterLab's HTML sanitizer allowlists data-commandlinker-command and data-commandlinker-args on button elements, while CommandLinker listens for all cli...
WordPress ShopMagic plugin <= 4.5.6 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by Legion Hunter in WordPress Plugin ShopMagic versions = 4.5.6...
BigTree CMS Cross-Site Scripting Vulnerability (CNVD-2023-93329)
BigTree CMS is a content management system. A cross-site scripting vulnerability exists in BigTree CMS version v4.5.7, which stems from the application's lack of effective filtering and escaping of user-supplied data, and can be exploited by a remote attacker to execute arbitrary code via ID...
FusionPBX Cross-Site Scripting Vulnerability (CNVD-2019-36989)
FusionPBX is a scalable, multi-threaded communications platform. The platform can be used as a call center server, fax server, VOIP server, voicemail server, conference server and voice application server. A cross-site scripting vulnerability exists in FusionPBX 4.5.7 and prior versions. The...