Lucene search
K

196 matches found

NVD
NVD
added 6 days ago7 views

CVE-2026-59895

Hono is a Web application framework that provides support for any JavaScript runtime. From 4.0.0 before 4.12.27, cx in hono/css composes class names from plain strings but marks the result as already escaped without HTML-escaping the input, allowing untrusted className values used in a JSX class...

6.1CVSS0.00187EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 6 days ago4 views

CVE-2026-59895

Hono is a Web application framework that provides support for any JavaScript runtime. From 4.0.0 before 4.12.27, cx in hono/css composes class names from plain strings but marks the result as already escaped without HTML-escaping the input, allowing untrusted className values used in a JSX class...

6.1CVSS6.1AI score0.00187EPSS
Exploits0References4Affected Software1
NVD
NVD
added 6 days ago7 views

CVE-2026-56283

Capgo before 12.128.2 contains an html injection vulnerability in the organization settings endpoint that allows attackers to inject malicious HTML content. Attackers can craft payloads in the organization name field to redirect users to untrusted websites, enabling phishing attacks and...

5.4CVSS0.00138EPSS
Exploits0References2
CVE
CVE
added 6 days ago10 views

CVE-2026-56283

Capgo before 12.128.2 contains an HTML injection vulnerability in the organization settings endpoint. Attackers can inject malicious HTML into the organization name field, enabling an open redirection to untrusted websites, which could facilitate phishing and reputational damage. The CVE entry no...

5.4CVSS6AI score0.00138EPSS
Exploits0References2
OSV
OSV
added 6 days ago7 views

CVE-2026-55437 Coder vulnerable to stored HTML injection via workspace agent logs in AgentLogLine component

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.17, 2.32.7, 2.33.8, and 2.34.2, the AgentLogLine dashboard component instantiated ansi-to-html without escapeXML: true and inserted the result via dangerouslySetInnerHTML so HTML embedded...

5.4CVSS6AI score0.00316EPSS
Exploits0References8
OSV
OSV
added 2026/07/06 9:12 p.m.5 views

GHSA-7QW2-F75V-62F7 Coder vulnerable to stored HTML injection via workspace agent logs in AgentLogLine component

Summary The AgentLogLine dashboard component instantiated ansi-to-html without escapeXML: true and inserted the result via dangerouslySetInnerHTML so HTML embedded in workspace agent log lines was rendered as live markup. Server-side sanitization did not neutralize HTML metacharacters. Note:...

5.4CVSS6.1AI score0.00316EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 3:16 p.m.15 views

CVE-2026-57534

Malicious HTML content could be injected into the content of a page in the pretix-pages plugin...

2.1CVSS0.0033EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/24 11:53 a.m.6 views

EUVD-2026-38757

hono before 4.12.14 contains an html injection vulnerability in jsx server-side rendering that allows attackers to inject unintended html by using malformed attribute names. Attackers can craft specially crafted attribute keys containing characters like quotes or angle brackets to break html tag...

5.3CVSS6AI score0.00174EPSS
Exploits0References2
NVD
NVD
added 2026/06/08 7:16 p.m.15 views

CVE-2026-46490

samlify is a Node.js library for SAML single sign-on. Prior to version 2.13.0, samlify’s template substitution only escapes attribute contexts. Values inserted into element text e.g., are not escaped. A normal user can inject XML markup into an attribute value e.g., email, name and add new elemen...

8.8CVSS0.00383EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.11 views

CVE-2026-9309

Firefox for iOS Reader View did not properly escape HTML tags in JSON-LD metadata. A malicious page could inject markup that changed Reader View behavior and leaked sensitive URL parameters. These parameters could then be used to access internal pages, potentially resulting in arbitrary JavaScrip...

5.4CVSS5.7AI score0.00157EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/04 7:28 p.m.14 views

EUVD-2026-34319

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. In versions 4.9.0 through 5.0.0, an authenticated user with project-editor permissions can store arbitrary HTML/JavaScript in the ChartDatasetConfig.legend field. The...

7.6CVSS6AI score0.002EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/30 8:13 a.m.16 views

CVE-2026-41897

Mantis Bug Tracker MantisBT is an open source issue tracker. From 1.0.0 to 2.28.1, lack of validation of filtertarget parameter on returndynamicfilters.php normally used as an AJAX in View Issues Page allows an attacker to inject arbitrary HTML if the target is a TEXTAREA custom field. This...

5.3CVSS5.9AI score0.00281EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/26 8:41 p.m.20 views

EUVD-2026-31995

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, rendertocul builds a table-of-contents tree from a list of level, id, text tuples. Both the id value used as href="" and the text value used as the visible link label are inserted into tags via a plain Python format...

6.1CVSS5.9AI score0.00228EPSS
Exploits1References2
OSV
OSV
added 2026/05/21 8:43 p.m.11 views

GHSA-VR9V-27GG-QGX4 Umbraco.Cms: XSS/HTML Injection in Umbraco Backoffice confirmation dialog

Impact Authenticated users are able to inject HTML vulnerability into an input field, which is rendered in the confirmation dialog without proper output encoding. Patches This issue has been patched in 17.4.0...

4.6CVSS5.7AI score0.00136EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.12 views

PT-2026-42665

Name of the Vulnerable Software and Affected Versions samlify versions prior to 2.13.0 Description samlify is a Node.js library for SAML single sign-on. The template substitution mechanism only escapes attribute contexts, meaning values inserted into element text, such as , are not escaped. This...

8.8CVSS5.5AI score0.00383EPSS
Exploits2References8
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Using markup injection, an attacker could steal nonce values. This could be used to bypass strict content security policies. This vulnerability affects Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9...

6.1CVSS6.6AI score0.00704EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/05/19 1:22 p.m.6 views

CVE-2025-40903

A Stored HTML Injection vulnerability was discovered in the Schedule Restore Archive functionality due to improper validation of an input parameter. An authenticated user with administrative privileges can define a malicious restore schedule containing HTML tags. When a victim views the affected...

5.9CVSS5.8AI score0.00194EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/14 12:0 a.m.12 views

SiYuan 跨站脚本漏洞

SiYuan is an open-source personal knowledge management system developed by SiYuan. Versions of SiYuan prior to 3.7.0 had a cross-site scripting vulnerability. This vulnerability occurred because the view name stored in the kernel did not undergo HTML escaping, allowing HTML injection and ultimate...

9.4CVSS5.7AI score0.00509EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/08 2:50 p.m.11 views

EUVD-2026-28652

Brave CMS is an open-source CMS. Prior to commit 6c56603, the contact form is publicly accessible no authentication required. User-supplied message text is passed through PHP's nl2br function, which converts newlines to tags but does not escape HTML. The resulting string is then passed to a Blade...

7.1CVSS5.9AI score0.00271EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/08 2:21 a.m.10 views

SUSE CVE-2026-41674

xmldom is a pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. In @xmldom/xmldom prior to versions 0.9.10 and 0.8.13 and xmldom version 0.6.0 and prior, the package serializes DocumentType node fields internalSubset, publicId, systemId verbatim without any...

8.7CVSS5.9AI score0.00457EPSS
Exploits0References3
Rows per page
Query Builder