34 matches found
[SECURITY] Fedora 41 Update: libxml2-2.12.10-1.fc41
This library allows you to manipulate XML files. It includes support for reading, modifying and writing XML and HTML files. There is DTD support, which includes parsing and validation even with complex DTDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...
[SECURITY] Fedora 41 Update: libxml2-2.12.9-1.fc41
This library allows you to manipulate XML files. It includes support for reading, modifying and writing XML and HTML files. There is DTD support, which includes parsing and validation even with complex DTDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...
GHSA-RGG8-G5X8-WR9V Cross-site scripting (XSS) in the clipboard package
Impact: During a recent internal audit, we identified a Cross-Site Scripting (XSS) vulnerability in the CKEditor 5 clipboard package. This vulnerability could be triggered by a specific user action, leading to unauthorized JavaScript code execution, if the attacker managed to insert a malicious...
PT-2024-31709 · Unknown · Ckeditor 5
Name of the Vulnerable Software and Affected Versions: CKEditor 5 versions 40.0.0 through 43.1.1. Description: A Cross-Site Scripting (XSS) issue is present in the CKEditor 5 clipboard package, which could be triggered by a specific user action, leading to unauthorized JavaScript code execution if a...
[SECURITY] Fedora 37 Update: w3m-0.5.3-58.git20220429.fc37
The w3m program is a pager or text file viewer that can also be used as a text-mode Web browser. W3m features include the following: when reading an HTML document, you can follow links and view images using an external image viewer; its internet message mode determines the type of document from t...
@8trhieu/ckeditor5-build-classic-custom (>=0.0.1 <=0.0.5), @abcxyz123321555/ckeditor5-build-test-version (>=0.8.3 <=0.8.8) +139 more potentially affected by CVE-2022-31175 via @ckeditor/ckeditor5-html-support (>=0.0.0-internal-20241017.0 <=34.2.0)
@ckeditor/ckeditor5-html-support NPM version =0.0.0-internal-20241017.0, =0.0.1, =0.8.3, =0.0.6, =1.1.0, =34.1.0, =0.0.0-internal-20241017.0, =0.0.0-internal-20241017.0, =0.0.0-internal-20241017.0, =0.0.0-internal-20241017.0, =0.0.0-internal-20241017.0, =0.0.0-internal-20241017.0,...
CKEditor5 cross-site scripting vulnerability caused by the editor instance destroying process
Affected packages: @ckeditor/ckeditor5-markdown-gfm, @ckeditor/ckeditor5-html-support, @ckeditor/ckeditor5-html-embed. Impact: A cross-site scripting vulnerability has been discovered affecting three optional CKEditor 5 packages. The vulnerability allowed JavaScript code to be triggered after fulfillin...
GHSA-42WQ-RCH8-6F6J CKEditor5 cross-site scripting vulnerability caused by the editor instance destroying process
Affected packages: @ckeditor/ckeditor5-markdown-gfm, @ckeditor/ckeditor5-html-support, @ckeditor/ckeditor5-html-embed. Impact: A cross-site scripting vulnerability has been discovered affecting three optional CKEditor 5 packages. The vulnerability allowed JavaScript code to be triggered after fulfillin...
CVE-2022-31175
CKEditor 5 is a JavaScript rich text editor. A cross-site scripting vulnerability has been discovered affecting three optional CKEditor 5 packages in versions prior to 35.0.1. The vulnerability allowed JavaScript code to be triggered after fulfilling special conditions. The affected packages are...
UBUNTU-CVE-2022-31175
CKEditor 5 is a JavaScript rich text editor. A cross-site scripting vulnerability has been discovered affecting three optional CKEditor 5 packages in versions prior to 35.0.1. The vulnerability allowed JavaScript code to be triggered after fulfilling special conditions. The affected packages are...
Company customer information and tracking management system CITMS 3.0 injection and upload vulnerabilities - vulnerability warning - the black bar safety net
Some of the management system's functions are as follows: (1) add, modify and delete administrators online; (2) add, modify and delete customer records online, with HTML support, etc.; (3) front-desk records with the tracking function, as well as the track record and the number of clicks on the display...
Fedora 10 : perl-5.10.0-52.fc10 (2008-11736)
CVE-2007-4829 perl-Archive-Tar directory traversal flaws. Update of Pod::Simple with better HTML support. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much...
[SECURITY] [DSA 163-1] New mhonarc packages fix cross site scripting problems
Debian Security Advisory DSA 163-1 [email protected] http://www.debian.org/security/ Martin Schulze September 9th, 2002 http://www.debian.org/security/faq -...
DSA-163 mhonarc - cross site scripting
Bulletin has no description...