6 matches found
DRUPAL-CONTRIB-2023-044
The Webprofiler module provides a way of displaying the Symfony profile debugging tool at the bottom of each page. The abbr_class Twig filter can be used to bypass the Twig auto-escape feature. This vulnerability is mitigated by the fact that it is only exposed when the filter is specifically use...
SUSE CVE-2017-7476
Gnulib before 2017-04-26 has a heap-based buffer overflow with the TZ environment variable. The error is in the save_abbr function in time_rz.c...
Cross-site Scripting in pandao
pandao Editor.md 1.5.0 allows XSS via an attribute of an ABBR or SUP element...
Cross-site Scripting (XSS)
editor.md is vulnerable to cross-site scripting (XSS). The attack is possible because user input in the attributes of ABBR or SUP tags is not sanitized, allowing an attacker to inject a malicious script through it...
CVE-2019-14653
pandao Editor.md 1.5.0 allows XSS via an attribute of an ABBR or SUP element...
Cross site scripting
pandao Editor.md 1.5.0 allows XSS via an attribute of an ABBR or SUP element...