6 matches found
EUVD-2024-2745
Malicious code in bioql PyPI...
CVE-2024-45592
auditor-bundle, formerly known as DoctrineAuditBundle, integrates auditor library into any Symfony 3.4+ application. Prior to version 5.2.6, there is an unescaped entity property enabling Javascript injection. This is possible because %sourcelabel% in twig macro is not escaped. Therefore script...
CVE-2024-45592
auditor-bundle, formerly known as DoctrineAuditBundle, integrates auditor library into any Symfony 3.4+ application. Prior to version 5.2.6, there is an unescaped entity property enabling Javascript injection. This is possible because %sourcelabel% in twig macro is not escaped. Therefore script...
CVE-2024-45592 auditor-bundle vulnerable to Cross-site Scripting because name of entity does not get escaped
auditor-bundle, formerly known as DoctrineAuditBundle, integrates auditor library into any Symfony 3.4+ application. Prior to version 5.2.6, there is an unescaped entity property enabling Javascript injection. This is possible because %sourcelabel% in twig macro is not escaped. Therefore script...
CVE-2024-45592 auditor-bundle vulnerable to Cross-site Scripting because name of entity does not get escaped
auditor-bundle, formerly known as DoctrineAuditBundle, integrates auditor library into any Symfony 3.4+ application. Prior to version 5.2.6, there is an unescaped entity property enabling Javascript injection. This is possible because %sourcelabel% in twig macro is not escaped. Therefore script...
auditor-bundle 跨站脚本漏洞
auditor-bundle is a tool by Damien Harper Personal Developer. A cross-site scripting vulnerability exists in auditor-bundle versions prior to 6.0.0, which stems from an unescaped entity attribute that enables Javascript injection...