PT-2026-38276

Name of the Vulnerable Software and Affected Versions JupyterLab versions prior to 4.5.7 Jupyter Notebook versions prior to 7.5.6 Description The HTML sanitizer allowlists data-commandlinker-command and data-commandlinker-args on button elements. Because CommandLinker listens for all click events...

CVE-2024-4700

The WP Table Builder – WordPress Table Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the button element in all versions up to, and including, 1.4.14 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers to...

PT-2024-32332 · WordPress · Wp Table Builder

Name of the Vulnerable Software and Affected Versions: The WP Table Builder – WordPress Table Plugin versions up to, and including, 1.4.14 Description: The issue is related to Stored Cross-Site Scripting via the button element due to insufficient input sanitization and output escaping. This allow...

CVE-2018-9955

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the XFA...

CVE-2018-9970

Foxit Reader 9.0.1.1049 is affected by CVE-2018-9970 due to a bug in the XFA execEvent method of Button elements. The vulnerability arises from failing to validate the existence of an object before performing operations, enabling remote code execution when a user opens a malicious file or visits ...

CVE-2018-9953

Foxit Reader 9.0.1.1049 is affected by CVE-2018-9953. The vulnerability lies in the XFA resolveNodes method of Button elements, where code executes without validating the existence of an object before performing operations. This allows remote code execution with the current process context and re...

Foxit Reader XFA boundItem Method Remote Code Execution Vulnerability

Foxit Reader is a small PDF document viewer and printing program. Foxit Reader has a security vulnerability in the XFA boundItem event of the Button element, which can be exploited by an attacker to execute arbitrary code in the context of the current process due to a lack of validation before...

Foxit Reader XFA execEvent Method Remote Code Execution Vulnerability

Foxit Reader is a small PDF document viewer and printing program. Foxit Reader has a security vulnerability in the XFA execEvent event of the Button element, which can be exploited by an attacker to execute arbitrary code in the context of the current process due to a lack of validation before...

Foxit Reader Text Annotations Remote Code Execution Vulnerability

Foxit Reader is a small PDF document viewer and printing program. Foxit Reader has a security vulnerability in the handling of the XFA Button element, which can be exploited by an attacker to execute arbitrary code in the context of the current process due to a failure to validate an object befor...

Foxit Reader XFA Button Remote Code Execution Vulnerability

Foxit Reader is a small PDF document viewer and printing program. Foxit Reader has a security vulnerability in the handling of the XFA Button element, which can be exploited by an attacker to execute arbitrary code in the context of the current process due to a failure to validate an object befor...