2 matches found
CVE-2026-44896 Mistune: XSS via unescaped figclass/figwidth in Figure directive
Mistune is a Python Markdown parser with renderers and plugins. In 3.2.0 and earlier, in src/mistune/directives/image.py, the renderfigure function concatenates figclass and figwidth options directly into HTML attributes without escaping. This allows attribute injection and XSS even when...
ESA-2012-055: RSA® Data Protection Manager Multiple Vulnerabilities
ESA-2012-055.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-055: RSA® Data Protection Manager Multiple Vulnerabilities EMC Identifier: ESA-2012-055 CVE Identifier: CVE-2012-4612, CVE-2012-4613 Severity Rating: See below for individual scores and refer vendor advisories for component...