12 matches found
CVE-2026-1008
A stored cross-site scripting XSS vulnerability exists in the user profile text fields of Altium 365. Insufficient server-side input sanitization allows authenticated users to inject arbitrary HTML and JavaScript payloads using whitespace-based attribute parsing bypass techniques. The injected...
CVE-2026-1008
CVE-2026-1008 describes a stored XSS in Altium 365 profile text fields due to insufficient server-side input sanitization. The vulnerability allows authenticated users to inject arbitrary HTML/JavaScript payloads using whitespace-based attribute parsing bypass techniques. The payload is persisted...
CVE-2026-1008
A stored cross-site scripting XSS vulnerability exists in the user profile text fields of Altium 365. Insufficient server-side input sanitization allows authenticated users to inject arbitrary HTML and JavaScript payloads using whitespace-based attribute parsing bypass techniques. The injected...
PT-2026-3140
Name of the Vulnerable Software and Affected Versions Altium 365 affected versions not specified Description A stored cross-site scripting XSS issue exists in the user profile text fields. Insufficient server-side input sanitization allows authenticated users to inject arbitrary HTML and JavaScri...
SUSE CVE-2019-11720
Some unicode characters are incorrectly treated as whitespace during the parsing of web content instead of triggering parsing errors. This allows malicious code to then be processed, evading cross-site scripting XSS filtering. This vulnerability affects Firefox 68...
CVE-2019-11720
Some unicode characters are incorrectly treated as whitespace during the parsing of web content instead of triggering parsing errors. This allows malicious code to then be processed, evading cross-site scripting XSS filtering. This vulnerability affects Firefox 68...
UBUNTU-CVE-2019-11720
Some unicode characters are incorrectly treated as whitespace during the parsing of web content instead of triggering parsing errors. This allows malicious code to then be processed, evading cross-site scripting XSS filtering. This vulnerability affects Firefox 68...
undertow: improper whitespace parsing leading to potential HTTP request smuggling
It was discovered that Undertow processes http request headers with unusual whitespaces which can cause possible http request smuggling...
undertow: improper whitespace parsing leading to potential HTTP request smuggling
It was discovered that Undertow processes http request headers with unusual whitespaces which can cause possible http request smuggling...
undertow: improper whitespace parsing leading to potential HTTP request smuggling
It was discovered that Undertow processes http request headers with unusual whitespaces which can cause possible http request smuggling...
undertow: improper whitespace parsing leading to potential HTTP request smuggling
It was discovered that Undertow processes http request headers with unusual whitespaces which can cause possible http request smuggling...
USN-3279-1: Apache HTTP Server vulnerabilities
It was discovered that the Apache modsessioncrypto module was encrypting data and cookies using either CBC or ECB modes. A remote attacker could possibly use this issue to perform padding oracle attacks. CVE-2016-0736 Maksim Malyutin discovered that the Apache modauthdigest module incorrectly...