7 matches found
CVE-2026-44899 Mistune Image Directive CSS Injection Vulnerability
Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, the Image directive plugin validates the :width: and :height: options with a regex compiled as numre = re.compiler"^\d+?:.\d?". When the validated value is not a plain integer, renderblockimage inserts it directly int...
Astra Linux – Vulnerability in Python-Django
In Django 2.2 before 2.2.21, 3.1 before 3.1.9, and 3.2 before 3.2.1, MultiPartParser, UploadedFile, and FieldFile allowed directory traversal via uploaded files with appropriately crafted file names...
CVE-2026-44897 affecting package python-mistune for versions less than 3.2.1-1
CVE-2026-44897 affecting package python-mistune for versions less than 3.2.1-1. A patched version of the package is available...
Drupal SpamSpan filter module < 3.2.1 - Unauthenticated Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS vulnerability discovered by Pierre Rudloff prudloff in WordPress Module SpamSpan filter versions 3.2.1...
Bna Informatics PosPratik 安全漏洞
Bna Informatics PosPratik is an application from Bna Informatics, Inc. A security vulnerability exists in Bna Informatics PosPratik versions prior to v3.2.1, which stems from improper neutralization of script-related HTML tags in web pages, allowing cross-site scripting attacks via HTTP query...
PT-2023-20696 · WordPress · Jeff Starr Dashboard Widgets Suite
Name of the Vulnerable Software and Affected Versions: Jeff Starr Dashboard Widgets Suite plugin versions prior to 3.2.1 Description: The issue is related to an Authenticated Stored Cross-Site Scripting XSS vulnerability. This means that an attacker with admin access can inject malicious scripts...
PYSEC-2022-16
Jupyter Server Proxy is a Jupyter notebook server extension to proxy web services. Versions of Jupyter Server Proxy prior to 3.2.1 are vulnerable to Server-Side Request Forgery SSRF. Any user deploying Jupyter Server or Notebook with jupyter-proxy-server extension enabled is affected. A lack of...