11 matches found
CVE-2026-21618
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in hexpm hexpm/hexpm 'Elixir.HexpmWeb.SharedAuthorizationView' modules allows Cross-Site Scripting XSS. This vulnerability is associated with program files...
CVE-2026-21618
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in hexpm hexpm/hexpm 'Elixir.HexpmWeb.SharedAuthorizationView' modules allows Cross-Site Scripting XSS. This vulnerability is associated with program files...
CVE-2026-21618
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in hexpm hexpm/hexpm 'Elixir.HexpmWeb.SharedAuthorizationView' modules allows Cross-Site Scripting XSS. This vulnerability is associated with program files...
EUVD-2026-3322
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in hexpm hexpm/hexpm 'Elixir.HexpmWeb.SharedAuthorizationView' modules allows Cross-Site Scripting XSS. This vulnerability is associated with program files...
EEF-CVE-2026-21618 Cross-site scripting (XSS) in OAuth Device Authorization screen
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in hexpm hexpm/hexpm 'Elixir.HexpmWeb.SharedAuthorizationView' modules allows Cross-Site Scripting XSS. This vulnerability is associated with program files...
CVE-2026-21618
Summary: CVE-2026-21618 is an XSS vulnerability in hexpm (hexpm/hexpm) affecting Elixir HexpmWeb.SharedAuthorizationView. The issue stems from improper input neutralization in web page generation, specifically in lib/hexpm_web/views/shared_authorization_view.ex and the function render_grouped_sco...
CVE-2026-21618 Cross-site scripting (XSS) in OAuth Device Authorization screen
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in hexpm hexpm/hexpm 'Elixir.HexpmWeb.SharedAuthorizationView' modules allows Cross-Site Scripting XSS. This vulnerability is associated with program files...
PT-2026-3443
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in hexpm hexpm/hexpm 'Elixir.HexpmWeb.SharedAuthorizationView' modules allows Cross-Site Scripting XSS. This vulnerability is associated with program files lib/hexpm web/views/shared...
CVE-2024-52552
Jenkins Authorize Project Plugin 1.7.2 and earlier evaluates a string containing the job name with JavaScript on the Authorization view, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2024-52552
The CVE-2024-52552 issue affects the Jenkins Authorize Project Plugin (versions ≤ 1.7.2). The root cause is that the plugin evaluates a string containing the job name with JavaScript on the Authorization view, causing a stored XSS vulnerability. Exploitation requires Item/Configure permissions. T...
CVE-2024-52552
Jenkins Authorize Project Plugin 1.7.2 and earlier evaluates a string containing the job name with JavaScript on the Authorization view, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...