CVE-2026-42999
An issue was discovered in OpenStack Keystone before 29.0.2. The Keystone RBAC policy enforcer in enforce_call unconditionally merges the raw JSON request body into the policy enforcement dictionary via policy_dict.update(json_input.copy()), overwriting trusted target data that was previously set from...
CVE-2026-34405
Nuxt OG Image generates OG Images with Vue templates in Nuxt. Prior to version 6.2.5, the image‑generation component by the URI: /og/d/ and, in older versions, /og-image/ contains a vulnerability that allows injection of arbitrary attributes into the HTML page body. This issue has been patched in...
EUVD-2007-3783
Malware in sbrugna...
Extension Embed Video security vulnerability
Extension Embed Video is an embedded video software from Star Citizen Wiki Open Source. A security vulnerability exists in EmbedVideo Extension 4.0.0 and earlier versions, which stems from allowing arbitrary attributes to be added to HTML elements, potentially leading to stored cross-site scripti...
CVE-2024-3318
A file path traversal vulnerability was identified in the DelimitedFileConnector Cloud Connector that allowed an authenticated administrator to set arbitrary connector attributes, including the "file" attribute, which in turn allowed the user to access files uploaded for other sources...
GHSA-4X6X-8RM8-C37J Extension:TabberNeue vulnerable to Cross-site Scripting
Summary There are several sources of arbitrary, unescaped user input being used to construct HTML, which allows any user that can edit pages or otherwise render wikitext to XSS other users. Edit: Only the first XSS can be reproduced in production. Details ✅ Verified and patched in...
CVE-2024-3318
The CVE-2024-3318 issue affects SailPoint’s DelimitedFileConnector Cloud Connector. A file path traversal vulnerability allows an authenticated administrator to set arbitrary connector attributes (including the file attribute), which can enable access to files uploaded for other sources. The avai...
Updated golang packages fix security vulnerability
Angle brackets were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character could result in unexpectedly closing the CSS context and allowing for injection of unexpected HTML, if executed with untrusted input...
AZL-37500 CVE-2023-29400 affecting package golang for versions less than 1.21.6-1
Templates containing actions in unquoted HTML attributes e.g. "attr=." executed with empty input can result in output with unexpected results when parsed due to HTML normalization rules. This may allow injection of arbitrary attributes into tags...
Code injection
Templates containing actions in unquoted HTML attributes e.g. "attr=." executed with empty input can result in output with unexpected results when parsed due to HTML normalization rules. This may allow injection of arbitrary attributes into tags...
CVE-2023-29400
A flaw was found in golang. Templates containing actions in unquoted HTML attributes, for example, "attr=." executed with empty input, could result in output that has unexpected results when parsed due to HTML normalization rules. This issue may allow the injection of arbitrary attributes into...
MediaWiki authorization error vulnerability (CNVD-2023-29701)
MediaWiki is a free web-based wiki engine from the MediaWiki Foundation, which can be used to deploy in-house knowledge management and content management systems. An authorization error vulnerability exists in the MediaWiki GrowthExperiments extension, which could be exploited by ...
Post Grid < 2.1.8 - Reflected Cross-Site Scripting (XSS)
The slider import search feature and tab parameter of the plugin settings are not properly sanitised before being output back in the pages, leading to Reflected Cross-Site Scripting issues https://example.com/wp-admin/edit.php?posttype=postgrid&page=post-grid-settings&tab="alert1...
CVE-2017-17062
The backend component in Open-Xchange OX App Suite before 7.6.3-rev35, 7.8.x before 7.8.2-rev38, 7.8.3 before 7.8.3-rev41, and 7.8.4 before 7.8.4-rev19 allows remote authenticated users to save arbitrary user attributes by leveraging improper privilege management...
rubygem-activerecord: possible input validation circumvention in Active Model
A flaw was found in the way the Active Model based models processed attributes. An attacker with the ability to pass arbitrary attributes to models could possibly use this flaw to bypass input validation...
Data Injection Vulnerability in Active Record
The create_with functionality in Active Record was implemented incorrectly and completely bypasses the strong parameters protection. Applications which pass user-controlled values to create_with could allow attackers to set arbitrary attributes on models...