141 matches found
MCP Registry vulnerable to stored XSS in catalogue UI via attribute-quote breakout in publisher-controlled `websiteUrl`
Summary The public catalogue UI served at GET / file internal/api/handlers/v0/uiindex.html is vulnerable to stored cross-site scripting via the server.websiteUrl field of any published server.json. Server-side validation in internal/validators/validators.go validateWebsiteURL only checks that the...
CVE-2026-41692
i18nextify is a JavaScript library that adds website internationalization via a script tag, without source code changes. Versions prior to 4.0.8 substitute key interpolation tokens inside src and href attribute values with the raw string returned by i18next.t. The substitution logic in...
CVE-2026-41692 i18nextify is vulnerable to DOM XSS via javascript:/data: URL schemes in translated href/src attributes
i18nextify is a JavaScript library that adds website internationalization via a script tag, without source code changes. Versions prior to 4.0.8 substitute key interpolation tokens inside src and href attribute values with the raw string returned by i18next.t. The substitution logic in...
CVE-2026-41692 i18nextify is vulnerable to DOM XSS via javascript:/data: URL schemes in translated href/src attributes
i18nextify is a JavaScript library that adds website internationalization via a script tag, without source code changes. Versions prior to 4.0.8 substitute key interpolation tokens inside src and href attribute values with the raw string returned by i18next.t. The substitution logic in...
i18nextify 跨站脚本漏洞
i18nextify is an open-source Java library application developed by i18next. Versions prior to i18nextify 4.0.8 contained a cross-site scripting vulnerability. This vulnerability stemmed from the key interpolation token in the src and href attribute values, which did not validate the URL scheme...
Cross-site Scripting (XSS)
Overview phpmyfaq/phpmyfaq is a FAQ system for PHP and MySQL, PostgreSQL and other databases Affected versions of this package are vulnerable to Cross-site Scripting XSS via the decodeAllEntities function. An attacker can execute arbitrary JavaScript in the context of the application origin by...
PT-2026-36594
The Brizy – Page Builder plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting in all versions up to, and including, 2.8.11 This is due to a combination of missing nonce verification for unauthenticated form submissions, insufficient handling of FileUpload fields when ...
CVE-2026-40565
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, FreeScout's linkify function in app/Misc/Helper.php converts plain-text URLs in email bodies into HTML anchor tags without escaping double-quote characters " in the URL. HTMLPurifier called first via...
Exploit for CVE-2025-14893
CVE-2025-14893: Authenticated Stored Cross-Site Scripting XSS...
Emissary 跨站脚本漏洞
Emissary is a distributed P2P data-driven workflow framework developed by the National Security Agency. Versions of Emissary prior to 8.39.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from the Mustache navigation template directly inserting configured link values...
GHSA-CJMM-F4JC-QW8R DOMPurify ADD_ATTR predicate skips URI validation
Summary DOMPurify allows ADDATTR to be provided as a predicate function via EXTRAELEMENTHANDLING.attributeCheck. When the predicate returns true, isValidAttribute short-circuits the attribute check before URI-safe validation runs. An attacker who supplies a predicate that accepts specific...
Cross-site Scripting (XSS)
Overview trix is a Rich Text Editor. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the StringPiece.fromJSON function. An attacker can execute arbitrary JavaScript in the context of the victim's browser by tricking a user into dragging and dropping a crafted...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS due to the handling of WebSocket messages for document structure updates in the Seadoc editor. An attacker can execute arbitrary JavaScript code in the context of other users by injecting malicious payloads...
PT-2026-25807
Chamilo LMS is a learning management system. Chamilo LMS version 1.11.34 and prior contains a Reflected Cross-Site Scripting XSS vulnerability in the session category listing page. The keyword parameter from $ REQUEST is echoed directly into an HTML href attribute without any encoding or...
SiYuan 跨站脚本漏洞
SiYuan is a privacy-oriented personal knowledge management system developed by SiYuan. Versions of SiYuan prior to 3.5.10 contained a cross-site scripting vulnerability. This vulnerability stemmed from the SVG cleaner’s inability to properly check the javascript: prefix in href attributes, allowi...
CVE-2025-71164
Typesetter CMS versions up to and including 5.1 contain a reflected cross-site scripting XSS vulnerability in the Editing component. The images parameter submitted as images in a POST request is reflected into an HTML href attribute without proper context-aware output encoding in...
UBUNTU-CVE-2026-22610
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.18, 20.3.16, 21.0.7, and 21.1.0-rc.0, a cross-site scripting XSS vulnerability has been identified in the Angular Template Compiler. The...
CVE-2026-22610 Angular has XSS Vulnerability via Unsanitized SVG Script Attributes
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.18, 20.3.16, 21.0.7, and 21.1.0-rc.0, a cross-site scripting XSS vulnerability has been identified in the Angular Template Compiler. The...
CVE-2019-12173
MacDown 0.7.1 870 allows remote code execution via a file:\\\ URI, with a .app pathname, in the HREF attribute of an A element. This is different from CVE-2019-12138...
Splunk Cloud Platform和Splunk Enterprise 跨站脚本漏洞
Splunk Cloud Platform and Splunk Enterprise are both products of Splunk Corporation, U.S.A. Splunk Cloud Platform is a powerful data collection, processing, and analytics service.Splunk Enterprise is a suite of data collection and analytics software. A cross-site scripting vulnerability exists in...