3 matches found
CVE-2024-29191
gotortc is a camera streaming application. Versions 1.8.5 and prior are vulnerable to DOM-based cross-site scripting. The links page links.html appends the src GET parameter 0 in all of its links for 1-click previews. The context in which src is being appended is innerHTML 1, which will insert th...
Joplin 跨站脚本漏洞
Joplin is an open source notes and to-do list application. versions prior to Joplin Desktop App 1.8.5 are vulnerable to a cross-site scripting vulnerability, which stems from improper html cleanup and can be exploited to execute arbitrary code...
WordPress plugin 跨站脚本漏洞
WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. WordPress plugin is a WordPress application plugin. WordPress Master Addons for Elementor plugin versions prior to 1.8.5 contain a cross-site scripting vulnerability that stems from the plugin's...