4 matches found
[SECURITY] Fedora 44 Update: plasma-oxygen-6.6.4-1.fc44
Plasma and Qt widget style and window decorations for Plasma...
Cross-site Scripting (XSS)
Overview apostrophe is a content management system CMS for Node.js. It supports in-context editing, schema-driven content types, flexible widgets and a great deal more. This module contains everything necessary to build a website with ApostropheCMS. Affected versions of this package are vulnerabl...
CVE-2026-33889 ApostropheCMS: Stored XSS via CSS Custom Property Injection in `@apostrophecms/color-field` Escaping Style Tag Context
ApostropheCMS is an open-source Node.js content management system. Versions 4.28.0 and prior contain a stored cross-site scripting vulnerability in the @apostrophecms/color-field module, where color values prefixed with -- bypass TinyColor validation intended for CSS custom properties, and the...
[SECURITY] Fedora 37 Update: plasma-oxygen-5.27.1-1.fc37
Plasma and Qt widget style and window decorations for Plasma 5 and KDE 4...