5777 matches found
CVE-2026-43898 SandboxJS: Sandbox escape via Function.caller leakage of internal call op
SandboxJS is a JavaScript sandboxing library. Prior to 0.9.6, sandbox-defined functions expose Function.caller, allowing sandboxed code to recover the internal LispType.Call runtime callback. That callback can then be invoked with attacker-controlled fake context and obj values to extract blocked...
Cross-site Scripting (XSS)
Overview tinymce/tinymce is a web-based JavaScript HTML WYSIWYG editor control. Affected versions of this package are vulnerable to Cross-site Scripting XSS via improper handling of SVG namespace scope by the sanitizer. An attacker can execute arbitrary JavaScript by crafting a payload with neste...
pyLoad 安全漏洞
pyLoad is an open-source download manager written in Python. Versions of pyLoad prior to 0.5.0b3.dev100 contained security vulnerabilities. These vulnerabilities stemmed from the packages.js template, which interpolated the stored link URLs into the template literals within HTML tags with single...
SandboxJS 安全漏洞
SandboxJS is a security assessment tool developed by nyariv. Versions of SandboxJS prior to 0.9.6 contained a security vulnerability. This vulnerability stemmed from functions defined in the sandbox that exposed Function.caller, potentially allowing sandbox-constructed code to restore internal...
PT-2026-44538
Name of the Vulnerable Software and Affected Versions ScadaBR version 1.2.0 Description Exposed methods allow authenticated users to create and execute arbitrary JavaScript code on the server. These scripts execute with full access, enabling complete system compromise as commands are executed as...
PT-2026-44389
Name of the Vulnerable Software and Affected Versions TinyMCE versions 6.8.0 through 7.0.x Description An XSS Cross-Site Scripting issue exists due to improper SVG namespace scope handling within the sanitizer. An attacker can use a crafted payload with nested elements to bypass attribute...
📄 WebFileSys 2.31.1 Cross Site Scripting
WebFileSys version 2.31.1 suffers from multiple cross site scripting vulnerabilities. CVE-2026-29971 An attacker can execute arbitrary JavaScript in the victim's browser, potentially leading to session hijacking or privilege escalation. CVE-2026-29971 Vulnerability Reflected Cross-Site Scripting...
CVE-2026-42877
FacturaScripts is an open source accounting and invoicing software. In 2025.92 and earlier, a stored Cross-Site Scripting XSS vulnerability exists in the product search modal of sales Core/Lib/AjaxForms/SalesModalHTML.php and purchases documents Core/Lib/AjaxForms/PurchasesModalHTML.php. An...
CVE-2025-68709
SailingLab AppLock aka com.alpha.applock 4.3.8 for Android allows a local attacker to trigger arbitrary JavaScript execution via BrowserMainActivity, which accepts VIEW intents with javascript: URIs. This unsafe navigation path results in script execution and may allow UI spoofing or privilege...
CVE-2026-45719 Budibase: CouchDB Reduce Injection via Unsanitized Calculation Parameter in V1 Views API
Budibase is an open-source low-code platform. Prior to 3.38.1, the V1 Views API POST /api/views accepts a calculation parameter from the request body that is interpolated directly into a CouchDB reduce function definition without validation. Although an internal SCHEMAMAP object defines the valid...
CVE-2026-45719
Budibase is vulnerable to CouchDB reduce injection via the V1 Views API (POST /api/views) where the calculation parameter is interpolated into a CouchDB reduce function without validation. A Builder-permission user can inject arbitrary JavaScript into the reduce function, which CouchDB executes w...
CVE-2026-48149
CVE-2026-48149 affects Budibase prior to version 3.39.0, where the Budibase Text component in Markdown mode rendered markdown by assigning marked.parse(markdown) directly to innerHTML without sanitization (MarkdownViewer.svelte:22). This creates a stored-XSS sink in any column bound to a Text com...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the list field process. An attacker can execute arbitrary JavaScript code in the browsers of site visitors and logged-in users by injecting malicious HTML content into the list field, which is then rendered ...
CVE-2026-44903 Prometheus: Stored XSS via crafted histogram bucket label values in the heatmap display of the old Prometheus web UI
Prometheus is an open-source monitoring system and time series database. From 2.49.0 to before 3.5.3 and 3.11.3, in the Prometheus server's legacy web UI enabled via the command-line flag --enable-feature=old-ui, the histogram heatmap chart view does not escape le label values when inserting them...
CVE-2026-22678
Webmin before 2.641 contains a stored cross-site scripting vulnerability in the email template description field of the System and Server Status module that allows low-privileged authenticated attackers to execute arbitrary JavaScript in the browser context of administrators by injecting...
CVE-2025-68709
SailingLab AppLock (com.alpha.applock) Android app, version 4.3.8, is affected. The vulnerability arises in BrowserMainActivity, which accepts VIEW intents with javascript: URIs, allowing local attackers to trigger arbitrary JavaScript execution. This unsafe navigation path can lead to UI spoofin...
CVE-2025-68709
SailingLab AppLock aka com.alpha.applock 4.3.8 for Android allows a local attacker to trigger arbitrary JavaScript execution via BrowserMainActivity, which accepts VIEW intents with javascript: URIs. This unsafe navigation path results in script execution and may allow UI spoofing or privilege...
CVE-2025-68709
SailingLab AppLock aka com.alpha.applock 4.3.8 for Android allows a local attacker to trigger arbitrary JavaScript execution via BrowserMainActivity, which accepts VIEW intents with javascript: URIs. This unsafe navigation path results in script execution and may allow UI spoofing or privilege...
PT-2026-43381
SailingLab AppLock aka com.alpha.applock 4.3.8 for Android allows a local attacker to trigger arbitrary JavaScript execution via BrowserMainActivity, which accepts VIEW intents with javascript: URIs. This unsafe navigation path results in script execution and may allow UI spoofing or privilege...
Malicious code in cxpher-linux-arm32 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cd6c14d2899b638880b25bf1c35973ed1c9cf6fcb99331447e3da7c2478124c7 The package's main is an ARM ELF binary that, when loaded, mkdtemp's a working directory under /dev/shm/.cxpher.XXXXXX or /tmp/.cxpher.XXXXXX, writes...