EUVD-2025-24047

Malicious code in bioql PyPI...

EUVD-2024-47504

Malicious code in bioql PyPI...

CVE-2025-8751

A vulnerability was found in Protected Total WebShield Extension up to 3.2.0 on Chrome. It has been classified as problematic. This affects an unknown part of the component Block Page. The manipulation of the argument Category leads to cross site scripting. It is possible to initiate the attack...

CVE-2025-8751 Protected Total WebShield Extension Block Page cross site scripting

A vulnerability was found in Protected Total WebShield Extension up to 3.2.0 on Chrome. It has been classified as problematic. This affects an unknown part of the component Block Page. The manipulation of the argument Category leads to cross site scripting. It is possible to initiate the attack...

PT-2025-32432 · Unknown · Protected Total Webshield Extension

Name of the Vulnerable Software and Affected Versions: Protected Total WebShield Extension versions up to 3.2.0 Description: A vulnerability exists in the Block Page component of Protected Total WebShield Extension. Manipulation of the Category argument can lead to cross-site scripting XSS. The...

CVE-2024-6398

An information disclosure vulnerability in SWG in versions 12.x prior to 12.2.10 and 11.x prior to 11.2.24 allows information stored in a customizable block page to be disclosed to third-party websites due to Same Origin Policy Bypass of browsers in certain scenarios. The risk is low, because oth...

PT-2024-37595 · Swg · Swg

Name of the Vulnerable Software and Affected Versions: SWG versions 11.x prior to 11.2.24 SWG versions 12.x prior to 12.2.10 Description: An information disclosure issue in SWG allows information stored in a customizable block page to be disclosed to third-party websites due to Same Origin Policy...

CVE-2021-23881

A stored cross site scripting vulnerability in ePO extension of McAfee Endpoint Security ENS prior to 10.7.0 February 2021 Update allows an ENS ePO administrator to add a script to a policy event which will trigger the script to be run through a browser block page when a local non-administrator...

Cross site scripting

A stored cross site scripting vulnerability in ePO extension of McAfee Endpoint Security ENS prior to 10.7.0 February 2021 Update allows an ENS ePO administrator to add a script to a policy event which will trigger the script to be run through a browser block page when a local non-administrator...

CVE-2019-1792

CVE-2019-1792 describes an XSS vulnerability in Cisco Umbrella’s URL block page caused by insufficient validation of input parameters. An unauthenticated, remote attacker could entice a user to click a crafted link, potentially enabling arbitrary script execution in the interface context or acces...

PT-2019-1993 · Cisco · Cisco Umbrella

Name of the Vulnerable Software and Affected Versions: Cisco Umbrella affected versions not specified Description: A vulnerability in Cisco Umbrella could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user in a network protected by Umbrella. The...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Websense TRITON AP-WEB before 8.0.0 and V-Series 7.7 appliances allow remote attackers to inject arbitrary web script or HTML via the 1 ws-userip in the ws-encdata parameter to cve-bin/moreBlockInfo.cgi in the Data Security block page or 2...

Code injection

Sophos Web Appliance before 3.7.8.2 allows 1 remote attackers to execute arbitrary commands via shell metacharacters in the client-ip parameter to the Block page, when using the userworkstation variable in a customized template, and remote authenticated users to execute arbitrary commands via she...

Cross site scripting

Cross-site scripting XSS vulnerability in SonicWALL SonicOS Enhanced before 4.0.1.1, as used in SonicWALL Pro 2040 and TZ 180 and 190, allows remote attackers to inject arbitrary web script or HTML into arbitrary web sites via a URL to a site that is blocked based on content filtering, which is n...

CVE-2008-4918

Cross-site scripting XSS vulnerability in SonicWALL SonicOS Enhanced before 4.0.1.1, as used in SonicWALL Pro 2040 and TZ 180 and 190, allows remote attackers to inject arbitrary web script or HTML into arbitrary web sites via a URL to a site that is blocked based on content filtering, which is n...

CVE-2004-2755

Cross-site scripting XSS vulnerability in Symantec Web Security 2.5, 3.0.0, and 3.0.1 before build 62 allows remote attackers to inject arbitrary web script or HTML via the query string in blocked URLs that are listed in 1 error or 2 block page messages...