21 matches found
EUVD-2021-24679
Malware in sbrugna...
EUVD-2023-40200
Malicious code in bioql PyPI...
EUVD-2023-40199
Malicious code in bioql PyPI...
CVE-2023-36222
Cross Site Scripting vulnerability in mlogclub bbs-go v. 3.5.5. and before allows a remote attacker to execute arbitrary code via a crafted payload to the comment parameter in the article function...
CVE-2021-38221
bbs-go = 3.3.0 including Custom Edition is vulnerable to stored XSS...
CVE-2023-36223
Cross Site Scripting vulnerability in mlogclub bbs-go v. 3.5.5. and before allows a remote attacker to execute arbitrary code via a crafted payload to the announcements parameter in the settings function...
CVE-2023-36222
Cross Site Scripting vulnerability in mlogclub bbs-go v. 3.5.5. and before allows a remote attacker to execute arbitrary code via a crafted payload to the comment parameter in the article function...
CVE-2023-36223
Cross Site Scripting vulnerability in mlogclub bbs-go v. 3.5.5. and before allows a remote attacker to execute arbitrary code via a crafted payload to the announcements parameter in the settings function...
Cross site scripting
Cross Site Scripting vulnerability in mlogclub bbs-go v. 3.5.5. and before allows a remote attacker to execute arbitrary code via a crafted payload to the announcements parameter in the settings function...
bbs-go 跨站脚本漏洞
bbs-go is an open source community system built using the Go language by mlogclub open source. A cross-site scripting vulnerability exists in mlogclub bbs-go v. 3.5.5, which stems from a vulnerability that allows a remote attacker to execute arbitrary code via a crafted payload on the comment...
CVE-2023-36223
Cross Site Scripting vulnerability in mlogclub bbs-go v. 3.5.5. and before allows a remote attacker to execute arbitrary code via a crafted payload to the announcements parameter in the settings function...
PT-2023-25489 · Mlogclub · Bbs-Go
Name of the Vulnerable Software and Affected Versions: mlogclub bbs-go versions 3.5.5 and before Description: The issue allows a remote attacker to execute arbitrary code via a crafted payload to the announcements parameter in the settings function. This enables the attacker to perform Cross Site...
CVE-2023-36223
CVE-2023-36223 is a Cross Site Scripting (XSS) vulnerability in mlogclub/bbs-go prior to 3.5.5. The root cause is improper escaping in the announcements parameter within the settings function, allowing a remote attacker to inject and execute script code in a victim’s browser. Multiple connected s...
CVE-2023-36222
CVE-2023-36222 (mlogclub/bbs-go) is a Cross Site Scripting vulnerability affecting v3.5.5 and earlier. The issue arises in the comment parameter of the article function, where crafted input can be echoed to the front end, allowing a remote attacker to execute arbitrary code via XSS. Several conne...
bbs-go 跨站脚本漏洞
bbs-go is an open source community system built using the Go language by mlogclub open source. A cross-site scripting vulnerability exists in mlogclub bbs-go v. 3.5.5, which stems from a vulnerability that allows a remote attacker to execute arbitrary code via a crafted payload on the announcemen...
bbs-go cross-site scripting vulnerability
bbs-go is an open source community system built using the Go language. bbs-go 3.3.0 and earlier versions have a cross-site scripting vulnerability that stems from the lack of filtering and escaping of user data in the v-html tag of vue used by the application. An attacker could use this...
CVE-2021-38221
bbs-go = 3.3.0 including Custom Edition is vulnerable to stored XSS...
Cross site scripting
bbs-go = 3.3.0 including Custom Edition is vulnerable to stored XSS...
CVE-2021-38221
CVE-2021-38221 affects bbs-go (including Custom Edition)
CVE-2021-38221
bbs-go = 3.3.0 including Custom Edition is vulnerable to stored XSS...