GHSA-W4HP-W536-JG64 AVideo: DOM XSS via Unsanitized Display Name in WebSocket Call Notification

Summary The AVideo YPTSocket plugin's caller feature renders incoming call notifications using the jQuery Toast Plugin, passing the caller's display name directly as the heading parameter. The toast plugin constructs the heading as raw HTML '' + heading + '' and inserts it into the DOM via jQuery...

CVE-2026-21855

The Tarkov Data Manager is a tool to manage the Tarkov item data. Prior to 02 January 2025, a reflected Cross Site Scripting XSS vulnerability in the toast notification system allows any attacker to execute arbitrary JavaScript in the context of a victim's browser session by crafting a malicious...

CVE-2026-21855 Tarkov Data Manager has Unauthenticated Reflected XSS

The Tarkov Data Manager is a tool to manage the Tarkov item data. Prior to 02 January 2025, a reflected Cross Site Scripting XSS vulnerability in the toast notification system allows any attacker to execute arbitrary JavaScript in the context of a victim's browser session by crafting a malicious...

CVE-2026-21855

The CVE-2026-21855 entry concerns Tarkov Data Manager. A reflected XSS in the toast notification system allowed an attacker to execute arbitrary JavaScript in a victim’s browser session via a crafted URL, affecting versions prior to 02 January 2025. A series of fix commits on 02 January 2025 addr...

EUVD-2026-1400

The Tarkov Data Manager is a tool to manage the Tarkov item data. Prior to 02 January 2025, a reflected Cross Site Scripting XSS vulnerability in the toast notification system allows any attacker to execute arbitrary JavaScript in the context of a victim's browser session by crafting a malicious...

PT-2026-2103

Name of the Vulnerable Software and Affected Versions Tarkov Data Manager versions prior to 02 January 2025 Description The Tarkov Data Manager is a tool to manage the Tarkov item data. Prior to 02 January 2025, a reflected Cross Site Scripting XSS vulnerability exists in the toast notification...

Tarkov Data Manager 跨站脚本漏洞

Tarkov Data Manager is a database management tool from The Hideout open source. A cross-site scripting vulnerability exists in versions of Tarkov Data Manager prior to 02/01/2025, which stems from the presence of reflective cross-site scripting in the toast notification system that could lead to ...

Linux Distros Unpatched Vulnerability : CVE-2023-6870

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Applications which spawn a Toast notification in a background thread may have obscured fullscreen notifications displayed by Firefox. This issue only affects...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the error or succeed methods in an Avo::BaseAction subclass. An attacker can execute arbitrary scripts in the context of the user's browser session by injecting unsanitized HTML content into toast...

SUSE CVE-2023-6870

Applications which spawn a Toast notification in a background thread may have obscured fullscreen notifications displayed by Firefox. This issue only affects Android versions of Firefox and Firefox Focus. This vulnerability affects Firefox 121...

May 23, 2023—KB5026435 (OS Build 19045.3031) Preview

May 23, 2023—KB5026435 OS Build 19045.3031 Preview 3/21/23 REMINDER After March 21, 2023, there are no more optional, non-security preview releases for the supported editions of Windows 10, version 20H2 and Windows 10, version 21H2. Only cumulative monthly security updates known as the "B" or...

March 28, 2022—KB5011563 (OS Build 22000.593) Preview

March 28, 2022—KB5011563 OS Build 22000.593 Preview For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 11 original release, see its update history page.Note Follow @WindowsUpdate to...

March 29, 2021—KB5000842 (OS Builds 19041.906 and 19042.906) Preview

March 29, 2021—KB5000842 OS Builds 19041.906 and 19042.906 Preview 2/24/21 IMPORTANT As part of the end of support for Adobe Flash, KB4577586 is now available as an optional update from Windows Update WU and Windows Server Update Services WSUS. Installing KB4577586 will remove Adobe Flash Player...

Microsoft Windows: Turn off toast notifications on the lock screen

This test checks the setting for policy OpenVAS Vulnerability Test $Id: wintoastlockscreen.nasl 11344 2018-09-12 06:57:52Z emoss $ Check value for Turn off toast notifications on the lock screen users listed in HKU Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH,...