852 matches found
CVE-2025-62265
Cross-site scripting XSS vulnerability in the Blogs widget in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.10, 2023.Q3.1 through 2023.Q3.8, 7.4 GA through update 92, 7.3 GA through update 36, and older unsupported versions allow...
CVE-2025-62265
Cross-site scripting XSS vulnerability in the Blogs widget in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.10, 2023.Q3.1 through 2023.Q3.8, 7.4 GA through update 92, 7.3 GA through update 36, and older unsupported versions allow...
EUVD-2021-13949
Malware in sbrugna...
EUVD-2017-6818
Malware in sbrugna...
EUVD-2016-1430
Malware in sbrugna...
CVE-2025-50538
Flowise before 3.0.5 allows XSS via an IFRAME element when an admin views the chat log...
EUVD-2024-37898
Malicious code in bioql PyPI...
EUVD-2022-51411
Malicious code in bioql PyPI...
EUVD-2022-5270
Malicious code in bioql PyPI...
EUVD-2021-34085
Malicious code in bioql PyPI...
EUVD-2022-2146
Malicious code in bioql PyPI...
EUVD-2022-40946
Malicious code in bioql PyPI...
EUVD-2025-21134
Malicious code in bioql PyPI...
EUVD-2022-39894
Malicious code in bioql PyPI...
EUVD-2024-16545
Malicious code in bioql PyPI...
EUVD-2022-51414
Malicious code in bioql PyPI...
CVE-2024-13066 iFrame Injection in Akinsoft's LimonDesk
Improper Restriction of Rendered UI Layers or Frames vulnerability in Akinsoft LimonDesk allows iFrame Overlay, CAPEC - 103 - Clickjacking. This issue affects LimonDesk: from s1.02.14 before v1.02.17...
CVE-2025-51591
A Server-Side Request Forgery SSRF flaw has been discovered in Pandoc. Maliciously crafted input can inject an iframe into pdf output. Mitigation When ingesting untrusted input users are advised to Pandoc's --sandbox option...
CVE-2025-51591
A Server-Side Request Forgery SSRF in JGM Pandoc v3.6.4 allows attackers to gain access to and compromise the whole infrastructure via injecting a crafted iframe. Note: Some users have stated that Pandoc by default can retrieve and parse untrusted HTML content which can enable SSRF vulnerabilitie...
PT-2025-29230
Name of the Vulnerable Software and Affected Versions JGM Pandoc version 3.6.4 Description A Server-Side Request Forgery SSRF issue exists in JGM Pandoc version 3.6.4. This flaw allows attackers to potentially compromise the entire infrastructure by injecting a crafted iframe. Reports indicate...