Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

Positive Technologies
Positive Technologiesadded 2026/02/19 12:0 a.m.6 views

PT-2026-20982

Name of the Vulnerable Software and Affected Versions Leafkit versions prior to 1.4.1 Description Leafkit’s htmlEscaped function inadequately escapes HTML special characters when dealing with extended grapheme clusters. This occurs because the function only escapes characters if the extended...

6.1CVSS5.6AI score0.00017EPSS
Exploits1References9
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2023-38198

Malicious code in bioql PyPI...

4.3CVSS5.1AI score0.00194EPSS
Exploits0References2
NVD
NVDadded 2025/06/26 2:15 a.m.1 views

CVE-2025-5564

The GC Social Wall plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'gcsocialwall' shortcode in all versions up to, and including, 1.15 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...

6.4CVSS0.00164EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2025/05/23 1:14 a.m.3 views

CVE-2022-23543

Silverware Games is a social network where people can play games online. Users can attach URLs to YouTube videos, the site will generate related when the post will be published. The handler has some sort of protection so non-YouTube links can't be posted, as well as HTML tags are being stripped...

6.3CVSS6.5AI score0.00201EPSS
Exploits0References1
OSV
OSVadded 2024/12/10 9:29 p.m.12 views

GO-2024-3314 Hugo does not escape some attributes in internal templates in github.com/gohugoio/hugo

Hugo does not escape some attributes in internal templates in github.com/gohugoio/hugo...

5.3CVSS5.3AI score0.0038EPSS
Exploits0References4
CVE
CVEadded 2024/12/09 9:11 p.m.79 views

CVE-2024-55601

Hugo, a static site generator, is affected in versions 0.123.0 through 0.139.3 (prior to 0.139.4). The issue: certain HTML attributes in Markdown in internal templates are not escaped in render hooks, specifically in templates _default/_markup/render-link.html (v0.123.0), _default/_markup/render-...

5.3CVSS6.2AI score0.0038EPSS
Exploits0References4
Snyk
Snykadded 2024/11/04 9:39 p.m.1 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS due to improper sanitization of the addattributes Twig function. PoC php Dangerous user supplied variable % set payload = 'alertxss' % Here, Twig escapes it payload Here it is not escaped alertxss' foo Details...

4.6CVSS5.2AI score
Exploits0References2
Cvelist
Cvelistadded 2024/08/01 9:29 a.m.13 views

CVE-2024-6346 Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel – Combo Blocks <= 2.2.85 - Authenticated (Contributor+) Stored Cross-Site Scripting via redirectURL Parameter of Date Countdown Widget

The Gutenberg Blocks, Page Builder – ComboBlocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the redirectURL parameter of the Date Countdown widget, in all versions up to, and including, 2.2.85 due to insufficient input sanitization and output escaping on user supplied...

6.4CVSS0.00254EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2022/01/21 6:17 p.m.6 views

CVE-2021-23196 Fresenius Kabi Agilia Connect Infusion System insufficiently protected credentials

The web application on Agilia Link+ version 3.0 implements authentication and session management mechanisms exclusively on the client-side and does not protect authentication attributes sufficiently...

7.3CVSS8AI score0.00261EPSS
Exploits0References1
Rows per page
Query Builder