26 matches found
Qwik 跨站脚本漏洞
Qwik is a micro-web framework developed by Qwik Dev. Versions of Qwik prior to 1.19.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from server-side rendering of virtual property serialization, which allowed remote attackers to inject arbitrary web scripts...
EUVD-2024-2469
Malicious code in bioql PyPI...
Qwik 安全漏洞
Qwik is a micro web framework open-sourced by Qwik Dev. A security vulnerability exists in Qwik versions prior to 1.13.0, which stems from an unhandled invalid qfunc error that could cause the service to crash...
CVE-2024-41677
Summary: CVE-2024-41677 describes a mutation XSS (mXSS) vulnerability in Qwik due to improper HTML escaping during server-side rendering. The issue arises from how strings are escaped in render-ssr.ts, causing the final browser DOM to differ from the server render. Affected versions: up to, but n...
qwik 跨站请求伪造漏洞
qwik is a micro web framework. A cross-site request forgery vulnerability exists in qwik versions prior to 0.104.0. An attacker could exploit this vulnerability to perform a cross-site request forgery attack...
qwik 跨站脚本漏洞
qwik is a micro web framework. A cross-site scripting vulnerability exists in versions prior to qwik 0.1.0-beta5. No information about this vulnerability is available at this time, please stay tuned to CNNVD or vendor announcements...