239 matches found
PT-2025-16136 · Mediawiki +1
Name of the Vulnerable Software and Affected Versions: Mediawiki Core - Feed Utils versions 1.39 through 1.43. Description: The issue is related to improper encoding or escaping of output, which allows WebView Injection. This is a problem where output is not properly encoded or escaped, potentiall...
MediaWiki Security Vulnerability
MediaWiki is a suite of free and freely available web-based Wiki engines from the Wikimedia USA Foundation. The product can be used to deploy internal knowledge management and content management systems. MediaWiki - A security vulnerability exists in Confirm Account Extension versions 1.39 throug...
CVE-2025-30657
An Improper Encoding or Escaping of Output vulnerability in the Sampling Route Record Daemon (SRRD) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). When a device configured for flow-monitoring receives a specific BGP update message, i...
Improper Encoding or Escaping of Output
Overview: django-tomselect provides Django autocomplete widgets and views using Tom Select. Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output in form widget input, including the label_field parameter. An attacker can hide the contents between tags in code from...
Cross-Site Scripting (XSS)
clickstorm/cs-seo is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to improper encoding of user input in the TYPO3 backend user interface, allowing a logged-in backend user to inject malicious scripts...
CVE-2024-50629
Improper encoding or escaping of output vulnerability in the webapi component in Synology BeeStation OS (BSM) before 1.1-65374 and Synology DiskStation Manager (DSM) before 7.1.1-42962-7, 7.2-64570-4, 7.2.1-69057-6 and 7.2.2-72806-1 allow remote attackers to read limited files via unspecified vectors...
Synology DiskStation Manager (DSM) and Synology BeeStation Manager Security Vulnerability
Synology DiskStation Manager (DSM) and Synology BeeStation Manager are both products of China-based Synology Corporation. Synology DiskStation Manager is an operating system for use on networked storage servers (NAS). The operating system manages information such as data, files, photos, music, etc...
Reflected Cross-Site Scripting (Reflected XSS)
laravel/framework is vulnerable to Reflected Cross-Site Scripting (Reflected XSS). The vulnerability is due to improper encoding of route parameters in the debug-mode error page, which allows an attacker to inject and execute malicious scripts in a victim’s browser by tricking them into visiting a...
Reflected Cross-Site Scripting (Reflected XSS)
laravel/framework is vulnerable to Reflected Cross-Site Scripting (Reflected XSS). The vulnerability is due to improper encoding of request parameters in the debug-mode error page, allowing user input to be reflected without proper sanitization...
GHSA-83WP-F5C3-HQQR: Laravel framework susceptible to reflected cross-site scripting
The Laravel framework versions between 11.9.0 and 11.35.1 are susceptible to reflected cross-site scripting due to an improper encoding of route parameters in the debug-mode error page...
GHSA-546H-56QP-8JMW: Laravel framework susceptible to reflected cross-site scripting
The Laravel framework versions between 11.9.0 and 11.35.1 are susceptible to reflected cross-site scripting due to an improper encoding of request parameters in the debug-mode error page...
Cross-site Scripting (XSS)
Overview: laravel/framework is a PHP framework for web artisans. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to improper encoding of route parameters in the debug-mode error page. When the application is in debug mode (APP_DEBUG=true) and encounters an error, the...
CVE-2024-13919
The CVE-2024-13919 entry concerns Laravel framework versions 11.9.0 to 11.35.1, which are vulnerable to reflected cross-site scripting due to improper encoding of route parameters on the debug-mode error page. Affected component: Laravel routing/debug-mode error page handling. Root cause (as stat...
CVE-2024-13918: Laravel Reflected XSS via Request Parameter in Debug-Mode Error Page
The Laravel framework versions between 11.9.0 and 11.35.1 are susceptible to reflected cross-site scripting due to an improper encoding of request parameters in the debug-mode error page...
Python Improper Encoding of Output Vulnerability (Feb 2025) - Mac OS X
Python is prone to an improper encoding of output vulnerability. CPE = "cpe:/a:python:python";...
CVE-2024-56277
Improper Encoding or Escaping of Output vulnerability in Ays Pro Poll Maker poll-maker. This issue affects Poll Maker: from n/a through 5.5.5...
CVE-2024-37284
Improper handling of alternate encoding occurs when Elastic Defend on Windows systems attempts to scan a file or process encoded as a multibyte character. This leads to an uncaught exception causing Elastic Defend to crash which in turn will prevent it from quarantining the file and/or killing th...
CVE-2024-37284: Elastic Defend Improper Handling of Alternate Encoding Leads to Crash
Improper handling of alternate encoding occurs when Elastic Defend on Windows systems attempts to scan a file or process encoded as a multibyte character. This leads to an uncaught exception causing Elastic Defend to crash which in turn will prevent it from quarantining the file and/or killing th...
Improper Encoding or Escaping of Output
Overview: koji is a system for building and tracking RPMS. Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output due to improper user input sanitization. Remediation: Upgrade koji to version 1.33.2, 1.34.3, 1.35.1 or higher. References: - Koji Commit - Koji Issu...