9 matches found
Cross-Site Scripting (XSS)
code16/sharp is vulnerable to Cross-Site Scripting XSS.The vulnerability is due to improper handling of expressions wrapped in & within the SharpShowTextField component, which are evaluated by Vue, allowing an attacker to inject and execute arbitrary JavaScript or HTML in a user’s browser when th...
Sharp user-provided input can be evaluated in a SharpShowTextField with Vue template syntax
A Cross-Site Scripting XSS vulnerability was discovered in code16/sharp when rendering content using the SharpShowTextField component. In affected versions, expressions wrapped in & were evaluated by Vue. This allowed attackers to inject arbitrary JavaScript or HTML that executes in the browser...
EUVD-2025-36569
Sharp user-provided input can be evaluated in a SharpShowTextField with Vue template syntax...
GHSA-9F58-4465-23C7 Sharp user-provided input can be evaluated in a SharpShowTextField with Vue template syntax
A Cross-Site Scripting XSS vulnerability was discovered in code16/sharp when rendering content using the SharpShowTextField component. In affected versions, expressions wrapped in & were evaluated by Vue. This allowed attackers to inject arbitrary JavaScript or HTML that executes in the browser...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the SharpShowTextField component when rendering user-supplied input containing Vue template syntax. An attacker can execute arbitrary JavaScript or inject malicious HTML by submitting specially crafted...
CVE-2025-62798
Sharp is a content management framework built for Laravel as a package. Prior to 9.11.1, a Cross-Site Scripting XSS vulnerability was discovered in code16/sharp when rendering content using the SharpShowTextField component. In affected versions, expressions wrapped in & were evaluated by Vue. Thi...
CVE-2025-62798 Sharp user-provided input can be evaluated in a SharpShowTextField with Vue template syntax
Sharp is a content management framework built for Laravel as a package. Prior to 9.11.1, a Cross-Site Scripting XSS vulnerability was discovered in code16/sharp when rendering content using the SharpShowTextField component. In affected versions, expressions wrapped in & were evaluated by Vue. Thi...
CVE-2025-62798 Sharp user-provided input can be evaluated in a SharpShowTextField with Vue template syntax
Sharp is a content management framework built for Laravel as a package. Prior to 9.11.1, a Cross-Site Scripting XSS vulnerability was discovered in code16/sharp when rendering content using the SharpShowTextField component. In affected versions, expressions wrapped in & were evaluated by Vue. Thi...
CVE-2025-62798 Sharp user-provided input can be evaluated in a SharpShowTextField with Vue template syntax
Sharp is a content management framework built for Laravel as a package. Prior to 9.11.1, a Cross-Site Scripting XSS vulnerability was discovered in code16/sharp when rendering content using the SharpShowTextField component. In affected versions, expressions wrapped in & were evaluated by Vue. Thi...