89 matches found
GHSA-G47H-FGCW-G4PH Algernon engine and themes vulnerable to Cross-site Scripting
All versions of the package github.com/xyproto/algernon/engine; all versions of the package github.com/xyproto/algernon/themes are vulnerable to Cross-site Scripting XSS via the themes.NoPagefilename, theme function due to improper user input sanitization. Exploiting this vulnerability is possibl...
Algernon engine and themes vulnerable to Cross-site Scripting
All versions of the package github.com/xyproto/algernon/engine; all versions of the package github.com/xyproto/algernon/themes are vulnerable to Cross-site Scripting XSS via the themes.NoPagefilename, theme function due to improper user input sanitization. Exploiting this vulnerability is possibl...
CVE-2023-26131
All versions of the package github.com/xyproto/algernon/engine; all versions of the package github.com/xyproto/algernon/themes are vulnerable to Cross-site Scripting XSS via the themes.NoPagefilename, theme function due to improper user input sanitization. Exploiting this vulnerability is possibl...
Cross site scripting
All versions of the package github.com/xyproto/algernon/engine; all versions of the package github.com/xyproto/algernon/themes are vulnerable to Cross-site Scripting XSS via the themes.NoPagefilename, theme function due to improper user input sanitization. Exploiting this vulnerability is possibl...
CVE-2023-26131
All versions of the package github.com/xyproto/algernon/engine; all versions of the package github.com/xyproto/algernon/themes are vulnerable to Cross-site Scripting XSS via the themes.NoPagefilename, theme function due to improper user input sanitization. Exploiting this vulnerability is possibl...
CVE-2023-26131
Summary: CVE-2023-26131 affects the Algernon project’s engine and themes components via an XSS flaw in themes.NoPage(filename, theme) caused by improper user input sanitization when a file/resource is not found. The vulnerability is evidenced by multiple connected sources detailing the same issue...
algernon 跨站脚本漏洞
algernon is a web server. A security vulnerability exists in algernon that stems from incorrect cleaning of user input. An attacker could exploit this vulnerability to conduct a cross-site scripting attack...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the themes.NoPagefilename, theme function due to improper user input sanitization. Exploiting this vulnerability is possible when a file/resource is not found. PoC bash go install...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the themes.NoPagefilename, theme function due to improper user input sanitization. Exploiting this vulnerability is possible when a file/resource is not found. PoC bash go install...