8 matches found
CVE-2026-23753
GFI HelpDesk before 4.99.9 contains a stored cross-site scripting vulnerability in the language management functionality where the charset POST parameter is passed directly to SWIFTLanguage::Create without HTML sanitization and subsequently rendered unsanitized by ViewLanguage.RenderGrid. An...
EUVD-2018-0603
Malware in sbrugna...
CVE-2014-6393
The Express web framework before 3.11 and 4.x before 4.5 for Node.js does not provide a charset field in HTTP Content-Type headers in 400 level responses, which might allow remote attackers to conduct cross-site scripting XSS attacks via characters in a non-standard encoding...
CVE-2010-1382
Cross-site scripting XSS vulnerability in Wiki Server in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows remote authenticated users to inject arbitrary web script or HTML via crafted Wiki content, related to lack of a charset field...
Cross site scripting
Cross-site scripting XSS vulnerability in Wiki Server in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows remote authenticated users to inject arbitrary web script or HTML via crafted Wiki content, related to lack of a charset field...
CVE-2010-1382
The CVE-2010-1382 issue affects Apple Mac OS X Wiki Server: specifically OS X 10.5.8 and 10.6 before 10.6.4. The root cause is a lack of a charset field in Wiki content, enabling a cross-site scripting (XSS) vector. Impact stated: remote authenticated users can inject arbitrary web script or HTML...
CVE-2010-1382
Cross-site scripting XSS vulnerability in Wiki Server in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows remote authenticated users to inject arbitrary web script or HTML via crafted Wiki content, related to lack of a charset field...
Format string
msnmsgr.exe in Windows Live Messenger WLM 2009 build 14.0.8064.206, and other 14.0.8064.x builds, allows remote attackers to cause a denial of service application crash via a modified header in a packet, as possibly demonstrated by a UTF-8.0 value of the charset field in the Content-Type header...