CVE-2017-18871

An issue was discovered in Mattermost Server before 4.5.0, 4.4.5, 4.3.4, and 4.2.2. It allows attackers to cause a denial of service application crash via an @ character before a JavaScript field name...

SUSE CVE-2017-18871

An issue was discovered in Mattermost Server before 4.5.0, 4.4.5, 4.3.4, and 4.2.2. It allows attackers to cause a denial of service application crash via an @ character before a JavaScript field name...

GO-2025-4184 Mattermost Server vulnerable to Denial of Service through `@` character prefix inserted into JavaScript field names in github.com/mattermost/mattermost-server

Mattermost Server vulnerable to Denial of Service through @ character prefix inserted into JavaScript field names in github.com/mattermost/mattermost-server...

CVE-2025-9992

The Ghost Kit – Page Builder Blocks, Motion Effects & Extensions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom JS field in all versions up to, and including, 3.4.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticat...

CVE-2025-9992

The CVE-2025-9992 entry concerns Ghost Kit – Page Builder Blocks, Motion Effects & Extensions for WordPress. It is vulnerable to Stored Cross-Site Scripting via the custom JS field in all versions up to and including 3.4.3, due to insufficient input sanitization and output escaping. Exploitation ...

GHSA-JC6W-8R7F-VMP5 Mattermost Server vulnerable to Denial of Service through `@` character prefix inserted into JavaScript field names

An issue was discovered in Mattermost Server before 4.5.0, 4.4.5, 4.3.4, and 4.2.2. It allows attackers to cause a denial of service application crash via an @ character before a JavaScript field name...

Unspecified Vulnerability in Mattermost Server (CNVD-2020-35446)

Mattermost Server is the United States Mattermost company's set of open source messaging platform. A security vulnerability exists in Mattermost Server, which can be exploited by an attacker to cause a denial of service application crash with the help of the @ character before the JavaScript fiel...

CVE-2017-18871

An issue was discovered in Mattermost Server before 4.5.0, 4.4.5, 4.3.4, and 4.2.2. It allows attackers to cause a denial of service application crash via an @ character before a JavaScript field name...

Design/Logic Flaw

An issue was discovered in Mattermost Server before 4.5.0, 4.4.5, 4.3.4, and 4.2.2. It allows attackers to cause a denial of service application crash via an @ character before a JavaScript field name...

CVE-2018-20634

PHP Scripts Mall Advance B2B Script 2.1.4 allows remote attackers to cause a denial of service changed Page structure via JavaScript code in the First Name field...

PHP Scripts Mall Advance B2B Script Denial of Service Vulnerability

PHP Scripts Mall Advance B2B Script is a set of PHP-based scripts for B2B business-to-business trading websites. A denial of service vulnerability exists in PHP Scripts Mall Advance B2B Script 2.1.4, which can be exploited by remote attackers to cause a denial of service via JavaScript code in th...