Lucene search
K

461 matches found

Github Security Blog
Github Security Blog
added 2026/03/12 2:23 p.m.12 views

ha-mcp has XSS via Unescaped HTML in OAuth Consent Form

Summary The ha-mcp OAuth consent form renders user-controlled parameters via Python f-strings with no HTML escaping. An attacker who can reach the OAuth endpoint and convince the server operator to follow a crafted authorization URL could execute JavaScript in the operator's browser. This affects...

6.8CVSS5.8AI score0.00181EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/11 8:50 p.m.3 views

CVE-2026-32124

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.1, the dynamic code picker AJAX endpoint returns code descriptions codetext that are rendered in the front end e.g. DataTables without HTML escaping. If an administrator or user...

5.4CVSS5.8AI score0.00162EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/03/11 6:35 p.m.3 views

SUSE-SU-2026:0876-1 Security update for go1.26

This update for go1.26 fixes the following issues: Update to go1.26.1 bsc1255111: - CVE-2026-25679: net/url: reject IPv6 literal not at start of host bsc1259264. - CVE-2026-27137: crypto/x509: incorrect enforcement of email constraints bsc1259266. - CVE-2026-27138: crypto/x509: panic in name...

7.5CVSS5.8AI score0.00728EPSS
Exploits0References12
ATTACKERKB
ATTACKERKB
added 2026/03/11 9:25 a.m.1 views

CVE-2026-3231

The Checkout Field Editor Checkout Manager for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom radio and checkboxgroup field values submitted through the WooCommerce Block Checkout Store API in all versions up to, and including, 2.1.7. This is due to the...

7.2CVSS5.9AI score0.00321EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/03/10 12:0 a.m.7 views

Craft Commerce 跨站脚本漏洞

Craft Commerce is an e-commerce platform developed under the open-source Craft CMS framework. Versions of Craft Commerce prior to 5.5.3 contained a cross-site scripting vulnerability. This vulnerability stemmed from improper HTML escaping during the rendering of the Name field on the Commerce...

4.8CVSS5.7AI score0.00234EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/10 12:0 a.m.7 views

Craft Commerce 跨站脚本漏洞

Craft Commerce is an e-commerce platform developed under the open-source Craft CMS framework. Versions of Craft Commerce prior to 5.5.3 contained a cross-site scripting vulnerability. This vulnerability stemmed from improper HTML escaping during the rendering of product titles, variant titles, an...

8.6CVSS5.7AI score0.00204EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2026/03/09 7:48 p.m.9 views

FileBrowser Quantum: Stored XSS in public share page via unsanitized share metadata (text/template misuse)

Summary Stored XSS is possible via share metadata fields e.g., title, description that are rendered into HTML for /public/share/ without context-aware escaping. The server uses text/template instead of html/template, allowing injected scripts to execute when victims visit the share URL. Details T...

8.9CVSS6AI score0.00347EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2026/03/04 8:58 p.m.4 views

GHSA-8WHX-V8QQ-PQ64 changedetection.io has Reflected XSS in its RSS Tag Error Response

A reflected cross-site scripting XSS vulnerability was identified in the /rss/tag/ endpoint of changedetection.io. The taguuid path parameter is reflected directly in the HTTP response body without HTML escaping. Since Flask returns text/html by default for plain string responses, the browser...

6.1CVSS5.8AI score0.00282EPSS
Exploits1References6
OSV
OSV
added 2026/02/26 10:25 p.m.3 views

GHSA-QGVG-PR8V-6RR3 Svelte: XSS via HTML Comment Injection in SSR Error Boundary Hydration Markers

Errors from transformError were not correctly escaped prior to being embedded in the HTML output, causing potential HTML injection and XSS if attacker-controlled content is returned from transformError...

5.3CVSS5.4AI score0.00226EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/02/26 4:16 a.m.5 views

CVE-2026-27645

changedetection.io is a free open source web page change detection tool. In versions prior to 0.54.1, the RSS single-watch endpoint reflects the UUID path parameter directly in the HTTP response body without HTML escaping. Since Flask returns text/html by default for plain string responses, the...

6.1CVSS5.4AI score0.00445EPSS
Exploits1References1
Snyk
Snyk
added 2026/02/25 9:18 a.m.1 views

Cross-site Scripting (XSS)

Overview changedetection.io is a Website change detection and monitoring service Affected versions of this package are vulnerable to Cross-site Scripting XSS via the rss/ endpoint, where the UUID path parameter is reflected in the HTTP response body without proper HTML escaping. An attacker can...

6.1CVSS5.7AI score0.00445EPSS
Exploits1References2
OSV
OSV
added 2026/02/24 4:3 p.m.17 views

GHSA-9FWW-8CPR-Q66R Isso affected by Stored XSS via comment website field

Impact This is a stored Cross-Site Scripting XSS vulnerability affecting the website and author comment fields. The website field was HTML-escaped using quote=False, which left single and double quotes unescaped. Since the frontend inserts the website value directly into a single-quoted href...

6.1CVSS5.9AI score0.00216EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/02/22 1:28 a.m.4 views

CVE-2026-27120

Leafkit is a templating language with Swift-inspired syntax. Prior to 1.4.1, htmlEscaped in leaf-kit will only escape html special characters if the extended grapheme clusters match, which allows bypassing escaping by using an extended grapheme cluster containing both the special html character a...

6.1CVSS5.6AI score0.0023EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/02/21 12:0 a.m.8 views

PT-2026-21366

Name of the Vulnerable Software and Affected Versions Isso versions prior to 0afbfe0691ee237963e8fb0b2ee01c9e55ca2144 Description Isso, a lightweight commenting server written in Python and JavaScript, contains a stored Cross-Site Scripting XSS issue. The website and author comment fields are...

6.1CVSS5.6AI score0.00216EPSS
Exploits0References12
NVD
NVD
added 2026/02/20 10:16 p.m.8 views

CVE-2026-27120

Leafkit is a templating language with Swift-inspired syntax. Prior to 1.4.1, htmlEscaped in leaf-kit will only escape html special characters if the extended grapheme clusters match, which allows bypassing escaping by using an extended grapheme cluster containing both the special html character a...

6.1CVSS0.0023EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/02/20 9:27 p.m.31 views

CVE-2026-27120 Leaf-kit html escaping does not work on characters that are part of extended grapheme cluster

Leafkit is a templating language with Swift-inspired syntax. Prior to 1.4.1, htmlEscaped in leaf-kit will only escape html special characters if the extended grapheme clusters match, which allows bypassing escaping by using an extended grapheme cluster containing both the special html character a...

6.1CVSS0.0023EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/02/20 9:27 p.m.4 views

CVE-2026-27120

Leafkit is a templating language with Swift-inspired syntax. Prior to 1.4.1, htmlEscaped in leaf-kit will only escape html special characters if the extended grapheme clusters match, which allows bypassing escaping by using an extended grapheme cluster containing both the special html character a...

6.1CVSS5.6AI score0.0023EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2026/02/20 9:27 p.m.16 views

CVE-2026-27120

Leaf-kit (templating library for Swift) before version 1.4.1 is vulnerable to HTML escaping bypass via extended grapheme clusters in htmlEscaped(), enabling potential XSS in attribute contexts when user-controlled variables are interpolated. The root cause is that htmlEscaped escapes only when th...

6.1CVSS5.5AI score0.0023EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/02/20 9:27 p.m.6 views

CVE-2026-27120 Leaf-kit html escaping does not work on characters that are part of extended grapheme cluster

Leafkit is a templating language with Swift-inspired syntax. Prior to 1.4.1, htmlEscaped in leaf-kit will only escape html special characters if the extended grapheme clusters match, which allows bypassing escaping by using an extended grapheme cluster containing both the special html character a...

6.1CVSS5.6AI score0.0023EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/02/19 7:40 p.m.7 views

Leaf-kit html escaping does not work on characters that are part of extended grapheme cluster

Summary htmlEscaped in leaf-kit will only escape html special characters if the extended grapheme clusters match, which allows bypassing escaping by using an extended grapheme cluster containing both the special html character and some additional characters. In the case of html attributes, this c...

6.1CVSS5.6AI score0.0023EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder