EUVD-2025-7206

Malicious code in bioql PyPI...

The vulnerability of the Apache Felix HTTP Webconsole plugin, which stems from the lack of protective measures for website structure, allows attackers to perform cross-site scripting attacks.

The vulnerability of the Apache Felix HTTP Webconsole plugin is related to the lack of security measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

GHSA-2CV6-4F2R-JQ2C Apache Felix HTTP Webconsole Plugin: XSS in HTTP Webconsole Plugin

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Apache Felix HTTP Webconsole Plugin. This issue affects Apache Felix HTTP Webconsole Plugin: from Version 1.X through 1.2.0. Users are recommended to upgrade to version 1.2.2, which fixes the issue...

Apache Felix HTTP Webconsole Plugin: XSS in HTTP Webconsole Plugin

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Apache Felix HTTP Webconsole Plugin. This issue affects Apache Felix HTTP Webconsole Plugin: from Version 1.X through 1.2.0. Users are recommended to upgrade to version 1.2.2, which fixes the issue...

CVE-2025-27867

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Apache Felix HTTP Webconsole Plugin. This issue affects Apache Felix HTTP Webconsole Plugin: from Version 1.X through 1.2.0. Users are recommended to upgrade to version 1.2.2, which fixes the issue...

CVE-2025-27867

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Apache Felix HTTP Webconsole Plugin. This issue affects Apache Felix HTTP Webconsole Plugin: from Version 1.X through 1.2.0. Users are recommended to upgrade to version 1.2.2, which fixes the issue...

CVE-2025-27867 Apache Felix HTTP Webconsole Plugin: XSS in HTTP Webconsole Plugin

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Apache Felix HTTP Webconsole Plugin. This issue affects Apache Felix HTTP Webconsole Plugin: from Version 1.X through 1.2.0. Users are recommended to upgrade to version 1.2.2, which fixes the issue...

CVE-2025-27867

The CVE-2025-27867 entry concerns an XSS flaw in the Apache Felix HTTP Webconsole Plugin. Affected versions are 1.X through 1.2.0; the root cause is improper neutralization of input during web page generation. Impact is consistent with a Cross-Site Scripting risk affecting users of the Webconsole...

CVE-2025-27867 Apache Felix HTTP Webconsole Plugin: XSS in HTTP Webconsole Plugin

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Apache Felix HTTP Webconsole Plugin. This issue affects Apache Felix HTTP Webconsole Plugin: from Version 1.X through 1.2.0. Users are recommended to upgrade to version 1.2.2, which fixes the issue...

Apache Felix HTTP Webconsole Plugin 安全漏洞

Apache Felix HTTP Webconsole Plugin is a plugin from Apache Corporation USA. A security vulnerability exists in Apache Felix HTTP Webconsole Plugin versions 1.X through 1.2.0 that originates from improper input neutralization during web page generation and could lead to a cross-site scripting...

Cross-site Scripting in healthcheck webconsole plugin

An improper neutralization of input during web page generation 'Cross-site Scripting' CWE-79 vulnerability in Apache Felix Healthcheck Webconsole Plugin version 2.0.2 and prior may allow an attacker to perform a reflected cross-site scripting XSS attack. Upgrade to Apache Felix Healthcheck...

CVE-2023-38435

An improper neutralization of input during web page generation 'Cross-site Scripting' CWE-79 vulnerability in Apache Felix Healthcheck Webconsole Plugin version 2.0.2 and prior may allow an attacker to perform a reflected cross-site scripting XSS attack. Upgrade to Apache Felix Healthcheck...

CVE-2023-38435

An improper neutralization of input during web page generation 'Cross-site Scripting' CWE-79 vulnerability in Apache Felix Healthcheck Webconsole Plugin version 2.0.2 and prior may allow an attacker to perform a reflected cross-site scripting XSS attack. Upgrade to Apache Felix Healthcheck...

CVE-2023-38435

CVE-2023-38435 concerns the Apache Felix Healthcheck Webconsole Plugin (v2.0.2 and earlier). The vulnerability arises from an improper neutralization of input during web page generation, i.e., a reflected Cross-Site Scripting (XSS) flaw (CWE-79). This could allow an attacker to inject and execute...

Apache Felix Healthcheck Webconsole Plugin 跨站脚本漏洞

Apache Felix Healthcheck Webconsole Plugin is a web console plugin from the Apache Foundation USA. A cross-site scripting vulnerability exists in Apache Felix Healthcheck Webconsole Plugin 2.0.2 and earlier versions, which stems from the presence of a reflected cross-site scripting XSS...

PT-2023-26420 · Apache · Apache Felix Healthcheck Webconsole Plugin

Name of the Vulnerable Software and Affected Versions: Apache Felix Healthcheck Webconsole Plugin versions 2.0.2 and prior Description: An improper neutralization of input during web page generation, also known as Cross-site Scripting, may allow an attacker to perform a reflected cross-site...

PT-2023-25419 · Kodbox · Kodbox

Name of the Vulnerable Software and Affected Versions: kodbox version 1.26 Description: A critical issue affects the function Execute of the file webconsole.php.txt in the WebConsole Plug-In component, leading to os command injection. The exploit has been disclosed publicly and may be used. The...