310 matches found
Mermaid 安全漏洞
Mermaid is an open-source application developed by mermaid-js. It uses text and code to create charts and visualizations. Mermaid versions 10.9.5 and earlier, as well as 11.0.0-alpha.1 through 11.14.0, have security vulnerabilities. These vulnerabilities stem from HTML injection under default...
Umbraco.Cms: XSS/HTML Injection in Umbraco Backoffice confirmation dialog
Impact Authenticated users are able to inject HTML vulnerability into an input field, which is rendered in the confirmation dialog without proper output encoding. Patches This issue has been patched in 17.4.0...
CVE-2026-26028 CryptPad: Sanitizer Bypass in Diffmarked.js Allows Arbitrary HTML Injection and Potential XSS
CryptPad is an end-to-end encrypted collaborative office suite. In versions prior to 2026.2.0, the HTML sanitizer in Diffmarked.js can be bypassed due to incomplete attribute filtering on restricted tags. The sanitizer validates only the src attribute of , , and elements, leaving all other...
CVE-2026-5090
Template::Plugin::HTML versions through 3.102 for Perl allows HTML and JavaScript to be injected. The htmlfilter function did not escape single quotes. HTML attributes inside of single quotes could be have code injected. For example, the variable "var" in would not be properly escaped. An attacke...
CVE-2025-40903
A Stored HTML Injection vulnerability was discovered in the Schedule Restore Archive functionality due to improper validation of an input parameter. An authenticated user with administrative privileges can define a malicious restore schedule containing HTML tags. When a victim views the affected...
CVE-2025-40902
A Stored HTML Injection vulnerability was discovered in the Users functionality due to improper validation of an input parameter. An authenticated user with administrative privileges can create a malicious user whose username contains HTML tags. When a victim attempts to delete a group containing...
CVE-2025-40904
A Stored HTML Injection vulnerability was discovered in the Smart Polling functionality due to improper validation of an input parameter. An authenticated user with limited privileges can push malicious remote strategies containing HTML tags through the sync. When a victim views the affected remo...
PT-2026-41891
A Stored HTML Injection vulnerability was discovered in the Smart Polling functionality due to improper validation of an input parameter. An authenticated user with limited privileges can push malicious remote strategies containing HTML tags through the sync. When a victim views the affected remo...
PT-2026-41888
A Stored HTML Injection vulnerability was discovered in the Credentials Manager functionality due to improper validation of an input parameter. An authenticated user with administrative privileges can define a malicious identity containing HTML tags. When a victim attempts to delete the affected...
EUVD-2026-30356
SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, SiYuan's Bazaar community marketplace renders the name and version fields of a package's plugin.json and the equivalent theme.json / template.json / widget.json / icon.json into the Settings → Marketplace UI without HT...
CVE-2026-44245
Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to 2.5.2, Vue 3's v-html directive is the framework-documented mechanism for injecting raw HTML, and it intentionally disables the auto-escaping that interpolation provides. The PropertyCard.vue component uses...
CVE-2026-42554
CVE-2026-42554 describes an XSS in Fiber’s AutoFormat content negotiation. Affected: GoFiber/v3 up to 3.1.0 and GoFiber/v2 up to 2.52.12. Root cause: the html branch of AutoFormat can emit raw, attacker-influenced data wrapped in HTML when the client sends Accept: text/html, enabling injection of...
GHSA-GHCM-XQFW-Q4VR Mermaid: Improper sanitization of `classDef` in state diagrams leads to HTML injection
Impact Under the default configuration, Mermaid state diagram's classDef allow DOM injection that escapes the SVG, although tags are removed, preventing XSS. Proof-of-concept stateDiagram-v2 classDef xss...
PT-2026-39285
Name of the Vulnerable Software and Affected Versions SiYuan versions prior to 3.7.0 Description An issue exists in the tooltip mouseover handler where the software reads the aria-label attribute and processes it using decodeURIComponent before assigning the result to messageElement.innerHTML. Th...
CVE-2026-6002 HTML Injection in DivvyDrive Information Technologies' DivvyDrive
Improper neutralization of Script-Related HTML tags in a web page basic XSS vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Cross-Site Scripting XSS. This issue affects DivvyDrive: from 4.8.2.9 before 4.8.3.2...
NPM: hono/jsx has Unvalidated JSX Tag Names that May Allow HTML Injection
NPM: hono/jsx has Unvalidated JSX Tag Names that May Allow HTML Injection vulnerability discovered by ? in WordPress Npm hono versions 4.12.16...
CVE-2026-7939
Inappropriate implementation in SanitizerAPI in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...
HTML Injection
github.com/abhinavxd/libredesk is vulnerable to stored HTML injection. The vulnerability is due to improper sanitization of user input in the contact notes feature, which allows an attacker to inject arbitrary HTML by manipulating the request and exploit it to perform phishing, CSRF-style actions...
DeepL for Chrome 跨站脚本漏洞
DeepL for Chrome is an open-source translation extension for the Chrome browser developed by DeepL. Versions 1.22.0 to 1.23.0 of DeepL for Chrome contain a cross-site scripting vulnerability. This vulnerability allows attackers to execute arbitrary scripts in the user’s browser and inject malicio...
CVE-2026-40567 FreeScout has HTML Injection in Outgoing Emails via Unsanitized Customer Name in Signature Variables
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, an unauthenticated attacker can inject arbitrary HTML into outgoing emails generated by FreeScout by sending an email with a crafted From display name. The name is stored in the database without sanitization a...