12 matches found
EUVD-2024-51466
Malicious code in bioql PyPI...
TacJS - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-027
This module enables sites to comply with the European cookie law using tarteaucitron.js. The module doesn't sufficiently filter user-supplied markup inside of content leading to a persistent Cross Site Scripting XSS vulnerability. This vulnerability is mitigated by the fact that an attacker needs...
Drupal TacJS module < 6.7.0 - Authenticated Cross Site Scripting (XSS) vulnerability
Authenticated Cross Site Scripting XSS vulnerability discovered by Pierre Rudloff prudloff in WordPress Module TacJS versions 6.7.0...
The vulnerability of the TacJS module in the Drupal CMS system, related to the lack of protective measures for website structures, allows attackers to execute cross-site scripting attacks.
The vulnerability of the TacJS CMS system in Drupal is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks...
CVE-2024-13252
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal TacJS allows Cross-Site Scripting XSS.This issue affects TacJS: from 0.0.0 before 6.5.0...
CVE-2024-13252
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal TacJS allows Cross-Site Scripting XSS.This issue affects TacJS: from 0.0.0 before 6.5.0...
CVE-2024-13252 TacJS - Moderately critical - Cross Site Scripting - SA-CONTRIB-2024-016
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal TacJS allows Cross-Site Scripting XSS.This issue affects TacJS: from 0.0.0 before 6.5.0...
CVE-2024-13252
CVE-2024-13252 concerns TacJS, a Drupal-related module. The consolidated sources confirm a vulnerability due to improper neutralization of input during web page generation, resulting in Cross‑Site Scripting (XSS). Affected versions are TacJS 0.0.0 through 6.4.9, with a confirmed remediation in Ta...
CVE-2024-13252 TacJS - Moderately critical - Cross Site Scripting - SA-CONTRIB-2024-016
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal TacJS allows Cross-Site Scripting XSS.This issue affects TacJS: from 0.0.0 before 6.5.0...
Drupal 安全漏洞
Drupal is an open source content management system developed in the PHP language by the Drupal community. A security vulnerability exists in Drupal TacJS prior to version 6.5.0, which stems from improper input neutralization during page generation, resulting in a cross-site scripting vulnerabilit...
PT-2024-10136 · Tacjs · Tacjs
Name of the Vulnerable Software and Affected Versions: TacJS versions 0.0.0 through 6.4.9 Description: The issue is related to improper neutralization of input during web page generation, which allows for Cross-Site Scripting XSS attacks. This can enable a remote attacker to perform inter-site...
TacJS - Moderately critical - Cross site scripting - SA-CONTRIB-2023-029
This module enables sites to comply with the European cookie law using tarteaucitron.js. The module doesn't sufficiently filter user-supplied text leading to a Cross Site Scripting XSS vulnerability. This vulnerability is mitigated by the fact that an attacker needs additional permissions. The...