5 matches found
WordPress Togo theme < 1.0.4 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by ? in WordPress Theme Togo versions 1.0.4...
WordPress Togo theme < 1.0.4 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by ? in WordPress Theme Togo versions 1.0.4...
Drupal CKEditor5 Youtube module < 1.0.4 - Unauthenticated Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS vulnerability discovered by nico.b in WordPress Module CKEditor5 Youtube versions 1.0.4...
Drupal Ignition by Thrive Themes module < 1.0.4 - Unauthenticated Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS vulnerability discovered by Dieter Holvoet in WordPress Module Ignition Error Pages versions 1.0.4...
DEBIAN-CVE-2018-3741
There is a possible XSS vulnerability in all rails-html-sanitizer gem versions below 1.0.4 for Ruby. The gem allows non-whitelisted attributes to be present in sanitized output when input with specially-crafted HTML fragments, and these attributes can lead to an XSS attack on target applications...