6 matches found
EUVD-2026-42909
In JetBrains YouTrack before 2026.2.17012 cSS injection via Mermaid diagram rendering was possible...
CVE-2026-11156
Inappropriate implementation in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting Vulnerability
Synacor Zimbra Collaboration Suite ZCS contains a cross-site scripting vulnerability in the Classic UI where attackers could abuse Cascading Style Sheets CSS @import directives in email HTML...
[SECURITY] Fedora 43 Update: python-tinycss2-1.5.1-1.fc43
tinycss2 is a modern, low-level CSS parser for Python. tinycss2 is a rewrite of tinycss with a simpler API, based on the more recent CSS Syntax Level 3 specification...
The vulnerability in the cr parser_parse_any_core function of the cr-parser.c library, which is used for working with cascade CSS2 Libcroco tables, allows a attacker to compromise the integrity of data and also cause service failures.
The vulnerability of the cr parserparseanycore function in the cr-parser.c library, which is used for working with cascading CSS2 Libcroco tables, is related to an uncontrolled recursion. Exploiting this vulnerability could allow a malicious actor to compromise data integrity and cause service...
SUSE CVE-2010-1393
The Cascading Style Sheets CSS implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to discover sensitive URLs via an HREF attribute associated with a redirecting URL...