5 matches found
GHSA-GFWX-W7GR-FVH7 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in nltk
Summary nltk.app.wordnetapp contains a reflected cross-site scripting issue in the lookup... route. A crafted lookup URL can inject arbitrary HTML/JavaScript into the response page because attacker-controlled word data is reflected into HTML without escaping. This impacts users running the local...
The recipient address check during handling register events will confuse users and block the users contracts registering
Lines of code Vulnerability details Impact The check about if the receiver account exists in the evm store doesn't make sense and will cause users to encounter a confusing exception. And the RegisterEvent function will not throw an exception to revert the tx, the source contract will be wrote in...
CVE-2020-28956
Multiple cross-site scripting XSS vulnerabilities in the Sales module of SugarCRM v6.5.18 allows attackers to execute arbitrary web scripts or HTML via crafted payloads entered into the primary address state or alternate address state input fields...
Sugarcrm SugarCRM č·Øē«čę¬ę¼ę“
Sugarcrm SugarCRM is an open source Customer Relationship Management CRM system from SugarCRM Sugarcrm, USA. The system supports differentiated marketing for different customer needs, managing and distributing sales leads, and enabling information sharing and tracking of sales representatives...
Sugarcrm SugarCRM č·Øē«čę¬ę¼ę“
Sugarcrm SugarCRM is an open source Customer Relationship Management CRM system from SugarCRM Sugarcrm, USA. The system supports differentiated marketing, management and distribution of sales leads for different customer needs, and information sharing and tracking of sales representatives. SugarC...