20 matches found
EUVD-2023-34528
Malicious code in bioql PyPI...
EUVD-2023-34526
Malicious code in bioql PyPI...
CVE-2023-30096
A stored cross-site scripting XSS vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the user information field...
CVE-2023-30097
A stored cross-site scripting XSS vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the private task field...
CVE-2023-30095
A stored cross-site scripting XSS vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the channel description field...
CVE-2023-30096
A stored cross-site scripting XSS vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the user information field...
Cross site scripting
A stored cross-site scripting XSS vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the channel description field...
Cross site scripting
A stored cross-site scripting XSS vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the private task field...
TotalJS messenger 跨站脚本漏洞
TotalJS messenger is a Node.js open source Slack alternative to the Total.js Platform open source. A security vulnerability exists in TotalJS messenger. An attacker can exploit this vulnerability to execute arbitrary web script or HTML via a specially crafted payload injected into a private task...
TotalJS messenger 跨站脚本漏洞
TotalJS messenger is a Node.js open source Slack alternative to the Total.js Platform open source. A cross-site scripting vulnerability exists in TotalJS Messenger version b6cf1c9, which can be exploited by an attacker to execute arbitrary web script or HTML via a crafted payload injected into a...
TotalJS messenger 跨站脚本漏洞
TotalJS messenger is a Node.js open source Slack alternative to the Total.js Platform open source. TotalJS Messenger version b6cf1c9 suffers from a cross-site scripting vulnerability that can be exploited by an attacker to execute arbitrary web script or HTML via a crafted payload injected into t...
CVE-2023-30096
A stored cross-site scripting XSS vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the user information field...
CVE-2023-30097
A stored cross-site scripting XSS vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the private task field...
PT-2023-22539 · Unknown · Totaljs Messenger
Name of the Vulnerable Software and Affected Versions: TotalJS messenger affected versions not specified Description: A stored cross-site scripting XSS vulnerability in TotalJS messenger allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the private task...
CVE-2023-30095
A stored cross-site scripting XSS vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the channel description field...
CVE-2023-30096
A stored cross-site scripting XSS vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the user information field...
PT-2023-22538 · Total.Js · Total.Js
Name of the Vulnerable Software and Affected Versions: TotalJS messenger version b6cf1c9 Description: A stored cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the user information field. This enables attackers to...
CVE-2023-30095
CVE-2023-30095 affects TotalJS Messenger (commit b6cf1c9). It describes a stored XSS vulnerability in the channel description field, allowing an attacker to execute arbitrary web scripts or HTML in the context of the affected app. The vulnerability is evidenced across multiple sources, including ...
CVE-2023-30097
CVE-2023-30097 concerns TotalJS messenger. The vulnerability is a stored cross-site scripting (XSS) issue in the messenger, exploitable via a crafted payload injected into the private task field (commit b6cf1c9). Affected software is TotalJS messenger; underlying cause is stored XSS; impact is ex...
CVE-2023-30097
A stored cross-site scripting XSS vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the private task field...