
6 matches found

OSV
added 2024/08/23 6:15 a.m. · 1 views

CVE-2024-3282

The WP Table Builder WordPress plugin through 1.5.0 does not sanitise and escape some of its Table data, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed for example in multisite setup...

4.8 CVSS · 5.8 AI score
Exploits: 0 · References: 1
OSV
added 2023/06/09 7:32 p.m. · 12 views

GHSA-RV3X-XQ3R-8J9H LeafKit allows XSS with untrusted user input

Impact: This affects anyone passing unsanitised data to Leaf's variable tags. Before this fix, Leaf would not escape any strings passed to tags as variables. If an attacker managed to find a variable that was rendered with their unsanitised data, they could inject scripts into a generated Leaf pag...

7.4 CVSS · 6.4 AI score · 0.00311 EPSS
Exploits: 0 · References: 4
OSV
added 2021/08/09 8:15 p.m. · 21 views

CVE-2021-37634

Leafkit is a templating language with Swift-inspired syntax. Versions prior to 1.3.0 are susceptible to Cross-site Scripting (XSS) attacks. This affects anyone passing unsanitised data to Leaf's variable tags. Before this fix, Leaf would not escape any strings passed to tags as variables. If an...

6.1 CVSS · 5.4 AI score
Exploits: 0 · References: 2
Positive Technologies
added 2021/08/09 12:0 a.m. · 2 views

PT-2021-21749 · Leafkit · Leafkit

Name of the Vulnerable Software and Affected Versions: Leafkit versions prior to 1.3.0
Description: Leafkit is a templating language with Swift-inspired syntax. The issue affects anyone passing unsanitised data to Leaf's variable tags. Before the fix, Leaf would not escape any strings passed to...

7.4 CVSS · 6 AI score · 0.00311 EPSS
Exploits: 0 · References: 9
Drupal
added 2010/05/19 12:0 a.m. · 8 views

SA-CONTRIB-2010-054 - Storm - Cross Site Scripting (XSS)

The Storm project provides a group of modules for project management and billing. The module displays data entered by users without sanitising it, allowing for a cross site scripting (XSS) attack that may lead to a malicious user gaining full administrative access. Versions affected: Storm project f...

6 AI score
Exploits: 0 · References: 6
OpenVAS
added 2009/09/11 12:0 a.m. · 17 views

OXID eShop Community Edition 4.x <= 4.1.3 Unauthorized Access Vulnerability

OXID eShop is prone to unauthorized access vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/a:oxid:eshop";...

5 CVSS · 6.6 AI score · 0.0025 EPSS
Exploits: 0 · References: 2