88 matches found
PT-2017-14131 · Mistune · Mistune
Name of the Vulnerable Software and Affected Versions: Mistune version 0.7.4 Description: The issue allows for XSS attacks through unexpected newlines or crafted email addresses, related to the escape and autolink functions. Recommendations: For Mistune version 0.7.4, consider updating to a newer...
Cross-site Scripting (XSS)
b2evolution is vulnerable to Cross-site scripting XSS vulnerability. It allows remote attackers to inject arbitrary web script or HTML via vectors related to the autolink function...
CVE-2016-7149
Cross-site scripting XSS vulnerability in b2evolution 6.7.5 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors related to the autolink function...
CVE-2016-7149
Cross-site scripting XSS vulnerability in b2evolution 6.7.5 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors related to the autolink function...
Cross site scripting
Cross-site scripting XSS vulnerability in b2evolution 6.7.5 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors related to the autolink function...
Updated ruby-redcarpet packages fix a security vulnerability
Updated ruby-redcarpet packages fix security vulnerability: Redcarpet allows for possible XSS of untrusted markdown if the autolink extension is enabled...
MGASA-2015-0206 Updated ruby-redcarpet packages fix a security vulnerability
Updated ruby-redcarpet packages fix security vulnerability: Redcarpet allows for possible XSS of untrusted markdown if the autolink extension is enabled...
Analysis of a php exploit code-exploit warning-the black bar safety net
A few days ago to see a period of interesting code, records. First introduced to the php in a famous function pregreplace, which prototype is: mixed pregreplace mixed pattern, mixed replacement, mixed subject , int limit This function is an interesting place to be: as long as the first parameter...