96 matches found
GHSA-JJ45-24RW-V6JW Cross-site scripting in TotalJS
A stored cross-site scripting XSS vulnerability in TotalJS allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the platform name field in the settings module...
Cross-site scripting in TotalJS
A stored cross-site scripting XSS vulnerability in TotalJS allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the platform name field in the settings module...
CVE-2023-30096
A stored cross-site scripting XSS vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the user information field...
CVE-2023-30097
A stored cross-site scripting XSS vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the private task field...
CVE-2023-30094
A stored cross-site scripting XSS vulnerability in TotalJS Flow v10 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the platform name field in the settings module...
CVE-2023-30094
A stored cross-site scripting XSS vulnerability in TotalJS Flow v10 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the platform name field in the settings module...
Cross site scripting
A stored cross-site scripting XSS vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the channel description field...
Cross site scripting
A stored cross-site scripting XSS vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the user information field...
Cross site scripting
A stored cross-site scripting XSS vulnerability in TotalJS Flow v10 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the platform name field in the settings module...
Cross site scripting
A stored cross-site scripting XSS vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the private task field...
CVE-2023-30096
CVE-2023-30096 concerns a stored XSS in TotalJS Messenger (commit b6cf1c9). The vulnerability arises in the user information field, allowing an attacker to inject crafted payloads that execute arbitrary web scripts/HTML when processed by the vulnerable component. Reported impact is limited to cli...
TotalJS messenger 跨站脚本漏洞
TotalJS messenger is a Node.js open source Slack alternative to the Total.js Platform open source. A cross-site scripting vulnerability exists in TotalJS Messenger version b6cf1c9, which can be exploited by an attacker to execute arbitrary web script or HTML via a crafted payload injected into a...
TotalJS messenger 跨站脚本漏洞
TotalJS messenger is a Node.js open source Slack alternative to the Total.js Platform open source. A security vulnerability exists in TotalJS messenger. An attacker can exploit this vulnerability to execute arbitrary web script or HTML via a specially crafted payload injected into a private task...
PT-2023-22536 · Unknown · Totaljs Flow
Name of the Vulnerable Software and Affected Versions: TotalJS Flow version 10 Description: A stored cross-site scripting XSS vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the platform name field in the settings module. This issue...
TotalJS messenger 跨站脚本漏洞
TotalJS messenger is a Node.js open source Slack alternative to the Total.js Platform open source. TotalJS Messenger version b6cf1c9 suffers from a cross-site scripting vulnerability that can be exploited by an attacker to execute arbitrary web script or HTML via a crafted payload injected into t...
PT-2023-22539 · Unknown · Totaljs Messenger
Name of the Vulnerable Software and Affected Versions: TotalJS messenger affected versions not specified Description: A stored cross-site scripting XSS vulnerability in TotalJS messenger allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the private task...
CVE-2023-30097
A stored cross-site scripting XSS vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the private task field...
TotalJS Flow 跨站脚本漏洞
TotalJS Flow is an open source application for the Total.js Platform. A security vulnerability exists in version v10 of TotalJS Flow. An attacker can exploit this vulnerability to execute arbitrary web script or HTML by injecting a specially crafted payload into the Platform Name field in the...
CVE-2023-30096
A stored cross-site scripting XSS vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the user information field...
CVE-2023-30094
A stored cross-site scripting XSS vulnerability in TotalJS Flow v10 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the platform name field in the settings module...