Lucene search
+L

4 matches found

osv
osv
added 2026/07/10 12:0 a.m.4 views

UBUNTU-CVE-2026-59858

Vim is an open source, command line text editor. Prior to 9.2.0735, the C omni-completion script in runtime/autoload/ccomplete.vim interpolates the typeref: or typename: extension field of a tags entry, without escaping, into a :vimgrep pattern that is run through :execute. Because :vimgrep honor...

8.4CVSS6.2AI score0.00137EPSS
Exploits0References5
cnnvd
cnnvd
added 2026/05/26 12:0 a.m.12 views

mistune 跨站脚本漏洞

Mistune is a fast and powerful Python Markdown parser developed by Hsiaoming Yang. Versions of Mistune prior to 3.2.1 contained a cross-site scripting vulnerability. This vulnerability stemmed from the use of Python format strings to insert id and text values into tags without proper HTML escapin...

6.1CVSS5.8AI score0.00228EPSS
Exploits1References2
euvd
euvd
added 2025/12/27 12:4 a.m.9 views

EUVD-2025-203846

Libredesk is a self-hosted customer support desk. Prior to version 0.8.6-beta, LibreDesk is vulnerable to stored HTML injection in the contact notes feature. When adding notes via POST /api/v1/contacts/id/notes, the backend automatically wraps user input in tags. However, by intercepting the...

8.6CVSS6.5AI score0.00193EPSS
Exploits1References3
cnnvd
cnnvd
added 2024/09/09 12:0 a.m.3 views

Joplin 跨站脚本漏洞

Joplin is an open source note-taking and to-do list application from the individual developer Laurent Cozic. A cross-site scripting vulnerability exists in Joplin version 3.0.13 that stems from processing HTML content without properly escaping or handling symbols, which allows cross-site scriptin...

9.6CVSS5.9AI score0.00748EPSS
Exploits1References3
Rows per page
Query Builder