26 matches found
Amazon Linux 2 : perl-Template-Toolkit, --advisory ALAS2-2026-3345 (ALAS-2026-3345)
The version of perl-Template-Toolkit installed on the remote host is prior to 2.24-5. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3345 advisory. emplate::Plugin::HTML versions through 3.102 for Perl allows HTML and JavaScript to be injected. The htmlfilter functi...
Medium: perl-Template-Toolkit
Issue Overview: emplate::Plugin::HTML versions through 3.102 for Perl allows HTML and JavaScript to be injected. The htmlfilter function did not escape single quotes. HTML attributes inside of single quotes could be have code injected. For example, the variable "var" in would not be properly...
Amazon Linux 2023 : perl-Template-Toolkit (ALAS2023-2026-1797)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1797 advisory. emplate::Plugin::HTML versions through 3.102 for Perl allows HTML and JavaScript to be injected. The htmlfilter function did not escape single quotes. HTML attributes inside of single quotes could be...
Medium: perl-Template-Toolkit
Issue Overview: emplate::Plugin::HTML versions through 3.102 for Perl allows HTML and JavaScript to be injected. The htmlfilter function did not escape single quotes. HTML attributes inside of single quotes could be have code injected. For example, the variable "var" in would not be properly...
Lyrion Music Server 9.2.0 (server.log) Unauthenticated Stored XSS
Summary Lyrion Music Server formerly Logitech Media Server, and often abbreviated as "LMS" is open-source software which can control and serve stream music to a wide range of physical and virtual audio players called Squeezeboxes. Lyrion Music Server can stream your local music collection, intern...
Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : Template-Toolkit vulnerability (USN-8377-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-8377-1 advisory. It was discovered that Template-Toolkit did not properly escape single quotes in the htmlfilter function of Template::Plugin::HTML...
USN-8377-1: Template-Toolkit vulnerability
It was discovered that Template-Toolkit did not properly escape single quotes in the htmlfilter function of Template::Plugin::HTML. An attacker could possibly use this issue to inject arbitrary HTML and JavaScript into generated output...
USN-8377-1 libtemplate-perl vulnerability
It was discovered that Template-Toolkit did not properly escape single quotes in the htmlfilter function of Template::Plugin::HTML. An attacker could possibly use this issue to inject arbitrary HTML and JavaScript into generated output...
PT-2026-46108
It was discovered that Template-Toolkit did not properly escape single quotes in the html filter function of Template::Plugin::HTML. An attacker could possibly use this issue to inject arbitrary HTML and JavaScript into generated output...
MGASA-2026-0166 Updated perl-Template-Toolkit packages fix security vulnerability
Template::Plugin::HTML versions through 3.102 for Perl allows HTML and JavaScript to be injected. CVE-2026-5090...
Updated perl-Template-Toolkit packages fix security vulnerability
Template::Plugin::HTML versions through 3.102 for Perl allows HTML and JavaScript to be injected. CVE-2026-5090...
EUVD-2022-41597
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-39051
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Attacker might be able to execute malicious Perl code in the Template toolkit, by having the admin installing an unverified 3th party package CVE-2022-39051 Not...
SUSE CVE-2022-39051
Attacker might be able to execute malicious Perl code in the Template toolkit, by having the admin installing an unverified 3th party package...
CVE-2022-39051
Attacker might be able to execute malicious Perl code in the Template toolkit, by having the admin installing an unverified 3th party package...
CVE-2022-39051
Attacker might be able to execute malicious Perl code in the Template toolkit, by having the admin installing an unverified 3th party package...
Code injection
Attacker might be able to execute malicious Perl code in the Template toolkit, by having the admin installing an unverified 3th party package...
CVE-2022-39051
Attacker might be able to execute malicious Perl code in the Template toolkit, by having the admin installing an unverified 3th party package...
UBUNTU-CVE-2022-39051
Attacker might be able to execute malicious Perl code in the Template toolkit, by having the admin installing an unverified 3th party package...
CVE-2022-39051
Attacker might be able to execute malicious Perl code in the Template toolkit, by having the admin installing an unverified 3th party package...