246 matches found

Github Security Blog
added 2024/05/24 2:45 p.m. · 19 views

vxe-table Cross-site Scripting vulnerability

A vulnerability, which was classified as problematic, has been found in xuliangzhan vxe-table up to 3.7.9. This issue affects the function export of the file packages/textarea/src/textarea.js of the component vxe-textarea. The manipulation of the argument inputValue leads to cross site scripting...

5.3 CVSS · 6.4 AI score · 0.00345 EPSS
Exploits 0 · References 8 · Affected Software 1
Vulnrichment
added 2024/05/24 6:0 a.m. · 10 views

CVE-2023-1001 xuliangzhan vxe-table vxe-textarea textarea.js export cross site scripting

A vulnerability, which was classified as problematic, has been found in xuliangzhan vxe-table up to 3.7.9. This issue affects the function export of the file packages/textarea/src/textarea.js of the component vxe-textarea. The manipulation of the argument inputValue leads to cross site scripting...

5.3 CVSS · 6.2 AI score · 0.00345 EPSS
Exploits 0 · References 5
Cvelist
added 2024/05/24 6:0 a.m. · 24 views

CVE-2023-1001 xuliangzhan vxe-table vxe-textarea textarea.js export cross site scripting

A vulnerability, which was classified as problematic, has been found in xuliangzhan vxe-table up to 3.7.9. This issue affects the function export of the file packages/textarea/src/textarea.js of the component vxe-textarea. The manipulation of the argument inputValue leads to cross site scripting...

5.3 CVSS · 3.6 AI score · 0.00345 EPSS
Exploits 0 · References 5
CVE
added 2024/05/24 6:0 a.m. · 88 views

CVE-2023-1001

The CVE-2023-1001 entry concerns xuliangzhan vxe-table (up to 3.7.9), where the inputValue argument of the export function in textarea.js is vulnerable to cross-site scripting. The vulnerability is exploitable remotely and is caused by improper handling of inputValue in the vxe-textarea component. Upgrade to version...

5.3 CVSS · 3.6 AI score · 0.00345 EPSS
Exploits 0 · References 5
Positive Technologies
added 2024/05/24 12:0 a.m. · 5 views

PT-2024-11932

Name of the Vulnerable Software and Affected Versions: xuliangzhan vxe-table versions up to 3.7.9 Description: A problematic issue has been found in the function export of the file packages/textarea/src/textarea.js of the component vxe-textarea. The manipulation of the argument inputValue leads to...

5.3 CVSS · 4.3 AI score · 0.00345 EPSS
Exploits 0 · References 12
Prion
added 2023/09/01 8:15 p.m. · 20 views

Input validation

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It is possible in XWiki to execute Velocity code without having script right by creating an XClass with a property of type "TextArea" and content type "VelocityCode" or "VelocityWiki". For the...

6.5 CVSS · 6.4 AI score · 0.00445 EPSS
Exploits 0 · References 4 · Affected Software 1
Snyk
added 2023/04/04 8:19 a.m. · 1 views

Malicious Package

Overview: usaa-textarea is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...

9.8 CVSS · 7.1 AI score
Exploits 0 · References 3
OSSF Malicious Packages
added 2023/03/28 1:5 a.m. · 2 views

Malicious code in usaa-textarea (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ad9e749953d9e8eb66321b28e98c931db7f5ae5358f78eeb430c99622841f8ad Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9 AI score
Exploits 0 · References 1
OSV
added 2023/03/28 1:5 a.m. · 3 views

MAL-2023-926 Malicious code in usaa-textarea (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ad9e749953d9e8eb66321b28e98c931db7f5ae5358f78eeb430c99622841f8ad Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7 AI score
Exploits 0 · References 1
Positive Technologies
added 2023/03/22 12:0 a.m. · 4 views

PT-2023-4804 · Ckeditor4 +3

Name of the Vulnerable Software and Affected Versions: CKEditor4 versions prior to 4.21.0 Description: A cross-site scripting vulnerability has been discovered affecting Iframe Dialog and Media Embed packages in CKEditor4. The vulnerability may trigger a JavaScript code after fulfilling special...

6.4 CVSS · 7.5 AI score · 0.01652 EPSS
Exploits 0 · References 32
SUSE CVE
added 2023/02/15 6:19 a.m. · 4 views

SUSE CVE-2004-1613

Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme...

5 CVSS · 6.8 AI score · 0.01653 EPSS
Exploits 1 · References 3
SUSE CVE
added 2023/02/15 6:19 a.m. · 2 views

SUSE CVE-2004-1617

Lynx, lynx-ssl, and lynx-cur before 2.8.6dev.8 allow remote attackers to cause a denial of service (infinite loop) via a web page or HTML email that contains invalid HTML including (1) a TEXTAREA tag with a large COLS value and (2) a large tag name in an element that is not terminated, as demonstrated...

5 CVSS · 6.7 AI score · 0.03752 EPSS
Exploits 1 · References 3
SUSE CVE
added 2023/02/15 5:59 a.m. · 2 views

SUSE CVE-2010-1762

Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors involving HTML in a TEXTAREA element...

4.3 CVSS · 5.7 AI score · 0.02958 EPSS
Exploits 0 · References 6
SUSE CVE
added 2023/02/15 5:58 a.m. · 1 views

SUSE CVE-2010-2301

Cross-site scripting (XSS) vulnerability in editing/markup.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to inject arbitrary web script or HTML via vectors related to the node.innerHTML property of a TEXTAREA element. NOTE: this might overlap CVE-2010-1762...

4.3 CVSS · 5.8 AI score · 0.01289 EPSS
Exploits 1 · References 4
SUSE CVE
added 2023/02/15 4:12 a.m. · 2 views

SUSE CVE-2019-11744

Some HTML elements, such as title and textarea, can contain literal angle brackets without treating them as markup. It is possible to pass a literal closing tag to .innerHTML on these elements, and subsequent content after that will be parsed as if it were outside the tag. This can lead to XSS if...

7.5 CVSS · 7.9 AI score · 0.0145 EPSS
Exploits 0 · References 17
NVD
added 2023/01/12 4:15 p.m. · 15 views

CVE-2012-10005

A vulnerability has been found in manikandan170890 php-form-builder-class and classified as problematic. Affected by this vulnerability is an unknown functionality of the file PFBC/Element/Textarea.php of the component Textarea Handler. The manipulation of the argument value leads to cross site...

6.1 CVSS · 4.5 AI score · 0.00623 EPSS
Exploits 1 · References 4
CVE
added 2023/01/12 3:2 p.m. · 49 views

CVE-2012-10005

CVE-2012-10005 affects the manikandan170890 php-form-builder-class, specifically the PFBC/Element/Textarea.php component (Textarea Handler). The vulnerability arises from improper handling of the value argument, enabling cross-site scripting (XSS) and allowing a remote attacker to exploit it. The...

6.1 CVSS · 4.8 AI score · 0.00623 EPSS
Exploits 1 · References 4 · Affected Software 1
Cvelist
added 2023/01/12 3:2 p.m. · 15 views

CVE-2012-10005 manikandan170890 php-form-builder-class Textarea Textarea.php cross site scripting

A vulnerability has been found in manikandan170890 php-form-builder-class and classified as problematic. Affected by this vulnerability is an unknown functionality of the file PFBC/Element/Textarea.php of the component Textarea Handler. The manipulation of the argument value leads to cross site...

4 CVSS · 6 AI score · 0.00623 EPSS
Exploits 1 · References 4
CNNVD
added 2023/01/12 12:0 a.m. · 3 views

php-form-builder-class cross-site scripting vulnerability

php-form-builder-class is an application by manikandan170890, an individual developer. A cross-site scripting vulnerability exists in php-form-builder-class, which stems from a problem with an unknown function in the PFBC/Element/Textarea.php file in the component Textarea Handler, where...

6.1 CVSS · 4.1 AI score · 0.00623 EPSS
Exploits 1 · References 6
Positive Technologies
added 2023/01/12 12:0 a.m. · 2 views

PT-2023-9942 · Unknown · Php-Form-Builder-Class

Name of the Vulnerable Software and Affected Versions: manikandan170890 php-form-builder-class affected versions not specified Description: A vulnerability has been found in the Textarea Handler component of the php-form-builder-class, specifically in the file PFBC/Element/Textarea.php. The...

6.1 CVSS · 4.3 AI score · 0.00623 EPSS
Exploits 1 · References 7