14 matches found

Source: CVE
Added 2026/05/21 7:34 a.m. (10 views)

CVE-2026-44068

CVE-2026-44068 affects Netatalk 2.1.0–4.4.2. The issue is an incomplete sanitization of extended attribute (EA) path components, enabling path traversal. A fix is available in Netatalk 4.4.3 (and later). The NVD entry notes a CVSSv3.1 base score of 7.6 (HIGH) with network vector, low attack compl...

CVSS 7.6, AI score 5.8, EPSS 0.00168
Exploits: 0, References: 1
Source: Cvelist
Added 2026/05/11 5:32 p.m. (28 views)

CVE-2026-42857 Open edX Platform: Stored CSS Injection in Email Notifications via Incomplete HTML Sanitization

Open edX Platform enables the authoring and delivery of online learning at any scale. The HTML sanitizer cleanthreadhtmlbody used for discussion notification emails fails to remove tags from user-generated discussion post content. This content is rendered with Django's |safe template filter in...

CVSS 4.6, EPSS 0.0003
Exploits: 1, References: 2
Source: CVE
Added 2026/04/24 4:57 p.m. (7 views)

CVE-2026-41067

Summary: CVE-2026-41067 affects Astro’s SSR pipeline, where defineScriptVars sanitizes inline script values using a case-sensitive //g regex. This fails to match closing script tags when payloads use case variants (e.g., ), whitespace before > (), or self-closing forms (), allowing injected HT...

CVSS 6.1, AI score 5.5, EPSS 0.00039
Exploits: 1, References: 1, Affected Software: 1
Source: Cvelist
Added 2026/04/21 4:08 p.m. (25 views)

CVE-2026-40568 FreeScout Vulnerable to XSS via Mailbox Signature Due to Incomplete HTML Sanitization

FreeScout is a free self-hosted help desk and shared mailbox. Versions prior to 1.8.213 have a stored cross-site scripting (XSS) vulnerability in the mailbox signature feature. The sanitization function Helper::stripDangerousTags (app/Misc/Helper.php:568) uses an incomplete blocklist of only four HTM...

CVSS 8.5, EPSS 0.00039
Exploits: 0, References: 3
Source: CVE
Added 2026/04/21 4:08 p.m. (7 views)

CVE-2026-40568

Summary (CVE-2026-40568): FreeScout prior to version 1.8.213 contains a stored XSS in the mailbox signature due to incomplete HTML sanitization in Helper::stripDangerousTags(). The sanitizer blocks only four tags (script, form, iframe, object) and misses event-handler attributes, allowing HTML e...

CVSS 8.5, AI score 5.8, EPSS 0.00039
Exploits: 0, References: 3
Source: Vulnrichment
Added 2026/04/21 4:08 p.m. (1 view)

CVE-2026-40568 FreeScout Vulnerable to XSS via Mailbox Signature Due to Incomplete HTML Sanitization

FreeScout is a free self-hosted help desk and shared mailbox. Versions prior to 1.8.213 have a stored cross-site scripting (XSS) vulnerability in the mailbox signature feature. The sanitization function Helper::stripDangerousTags (app/Misc/Helper.php:568) uses an incomplete blocklist of only four HTM...

CVSS 8.5, AI score 5.8, EPSS 0.00039
Exploits: 0, References: 3
Source: Cvelist
Added 2026/03/11 5:37 p.m. (22 views)

CVE-2026-31859 Craft has Reflective XSS via incomplete return URL sanitization

Craft is a content management system (CMS). The fix for CVE-2025-35939 in craftcms/cms introduced a striptags call in src/web/User.php to sanitize return URLs before they are stored in the session. However, striptags only removes HTML tags (angle brackets); it does not inspect or filter URL schemes...

CVSS 6.9, EPSS 0.00041
Exploits: 0, References: 1
Source: Veracode
Added 2026/02/02 9:40 a.m. (3 views)

Arbitrary Code Execution

Orval is vulnerable to Arbitrary Code Execution. The vulnerability is due to incomplete sanitization of untrusted input during code generation, where insufficient escaping in jsStringEscape allows attackers to inject executable JavaScript using only non-alphanumeric characters via JSFuck...

CVSS 9.8, AI score 6.1, EPSS 0.00034
Exploits: 1, References: 7, Affected Software: 1
Source: EUVD
Added 2025/10/03 8:07 p.m. (2 views)

EUVD-2023-24255

Malicious code in bioql PyPI...

CVSS 8.8, AI score 8.5, EPSS 0.0036
Exploits: 0, References: 1
Source: OSV
Added 2025/09/22 9:51 p.m. (3 views)

GHSA-7RCC-Q6RQ-JPCM DNN affected by Stored Cross-Site Scripting (XSS) in Profile Biography field

Summary: Users can use special syntax to inject JavaScript code in their profile biography field. Although there was sanitization in place, it did not cover all possible scenarios. Description: When embedding information in the Biography field, even if that field is not rich-text, users could inject...

CVSS 6.3, AI score 6.8, EPSS 0.00027
Exploits: 0, References: 3
Source: OSV
Added 2025/05/15 8:15 p.m. (0 views)

CVE-2024-8620

The MapPress Maps for WordPress plugin before 2.93 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed, for example in a multisite setup...

CVSS 4.8, AI score 5.8
Exploits: 0, References: 1
Source: OpenVAS
Added 2024/11/21 12:00 a.m. (13 views)

Nextcloud Server 27.x < 27.1.10, 28.x < 28.0.6, 29.x < 29.0.1 Incomplete Sanitization Vulnerability

Nextcloud Server is prone to an incomplete sanitization vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE =...

CVSS 6.5, AI score 6.7, EPSS 0.01491
Exploits: 0, References: 1
Source: Hacker One
Added 2017/01/23 9:23 a.m. (17 views)

Open-Xchange: Incomplete HTML sanitization + Session id leaking + private information disclosure

Hello, I have found a chain of events that leads to session id leaking, which can then be used to gather private data about other added inboxes to account / login id and some other info. Unfortunately for me I wasn't able to make a hostile account takeover because of your session id + cookie...

AI score 7
Exploits: 0
Source: OpenVAS
Added 2015/12/15 12:00 a.m. (21 views)

Cisco Integrated Management Controller Denial of Service Vulnerability (cisco-sa-20151211-imc)

A vulnerability in Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to make the IMC IP interface inaccessible. SPDX-FileCopyrightText: 2015 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respecti...

CVSS 6.8, AI score 6.9, EPSS 0.00659
Exploits: 0, References: 1