SiYuan 跨站脚本漏洞

SiYuan is an open-source personal knowledge management system developed by SiYuan. Versions of SiYuan from 2.1.12 to 3.7.0 had a cross-site scripting vulnerability. This vulnerability stemmed from unescaped metadata in the Bazaar marketplace rendering packages, which could lead to storage-based...

Flowsint 跨站脚本漏洞

Flowsint is an open-source intelligence visualization tool developed by reconurge. Versions of Flowsint prior to 1.2.3 contained a cross-site scripting vulnerability. This vulnerability stemmed from map node tags containing arbitrary HTML, which could lead to storage-based cross-site scripting...

Adobe Commerce 跨站脚本漏洞

Adobe Commerce is a leading global digital business solution for businesses and brands offered by Adobe in the United States. Adobe Commerce has a cross-site scripting vulnerability, which stems from a storage-based cross-site scripting issue. This vulnerability could allow high-privilege attacke...

Adobe Commerce 跨站脚本漏洞

Adobe Commerce is a leading global digital business solution for businesses and brands offered by Adobe in the United States. Adobe Commerce has a cross-site scripting vulnerability, which stems from a storage-based cross-site scripting issue. This vulnerability could allow high-privilege attacke...

Audiobookshelf 跨站脚本漏洞

Audiobookshelf is an open-source, self-hosted server for audio books and podcasts. Versions of Audiobookshelf prior to 2.33.0 had a cross-site scripting vulnerability. This vulnerability occurred due to the login page not properly cleaning the authLoginCustomMessage field, allowing for...

MISP 跨站脚本漏洞

MISP is a set of open-source software solutions developed by MISP. This product is used for collecting, storing, distributing, and sharing network security metrics, and it includes functions such as analysis of threats to network security and malware analysis. Versions of MISP prior to 2.5.37...

WordPress Plugin Image Widget 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

ProjeQtOr 跨站脚本漏洞

ProjeQtOr is a project management software developed by the French company ProjeQtOr. Versions 7.0 to 12.4.3 of ProjeQtOr contain cross-site scripting vulnerabilities. These vulnerabilities stem from the checkValidHtmlText function in the Security.php file, which improperly cleans user input,...

October 跨站脚本漏洞

October is an open-source content management system CMS and online platform developed by October. Versions prior to October 3.7.14 and 4.1.10 contained a cross-site scripting vulnerability. This vulnerability stemmed from improper handling of marker class field inputs in the backend editor...

Docmost 跨站脚本漏洞

Docmost is an open-source collaborative wiki and documentation software developed by Docmost. Versions of Docmost prior to 0.70.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from improper handling of MIME type deception, which could lead to storage-based cross-site...

Pachno 跨站脚本漏洞

Pachno is an open-source collaboration platform developed by Pachno. Version 1.0.6 of Pachno contains a cross-site scripting vulnerability, which stems from improper cleaning of POST parameters. This vulnerability may lead to storage-based cross-site scripting attacks...

AIL framework 跨站脚本漏洞

AIL framework is a modular information leakage analysis framework developed as open source within the AIL project. It is used to analyze potential information leaks from unstructured data sources. Prior to version 6.8 of the AIL framework, there was a cross-site scripting vulnerability. This...

WordPress plugin Qubely 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

WordPress plugin WPBITS Addons For Elementor Page Builder 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

WordPress plugin AM LottiePlayer 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

WordPress plugin Livemesh Addons for Elementor 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added to a...

Open Source Point of Sale 跨站脚本漏洞

Open Source Point of Sale is an open-source sales point system based on the internet. Versions of Open Source Point of Sale prior to 3.4.3 had a cross-site scripting vulnerability. This vulnerability stemmed from improper cleaning of the stocklocation parameter input, which could lead to...

Bludit 跨站脚本漏洞

Bludit is an open-source, lightweight blog content management system developed by Bludit. Versions 3.17.2 and 3.18.0 of Bludit contain cross-site scripting vulnerabilities. These vulnerabilities stem from a storage-based cross-site scripting flaw in the page creation function. This allows...

MLflow 跨站脚本漏洞

MLFlow is an open-source platform that simplifies machine learning development. It includes features like tracking experiments, packaging code for reproducible runs, and sharing and deploying models. Versions of MLFlow prior to 3.10.1 contain a cross-site scripting vulnerability. This vulnerabili...

WordPress plugin Shortcodes Ultimate 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...