CVE-2026-41148 Mermaid: Improper sanitization of `classDefs` in diagrams leads to CSS injection

Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Versions 10.9.5 and prior, in addition to 11.0.0-alpha.1 through 11.12.0 are vulnerable to CSS injection through improper sanitization. The state diagram and any other diagram type that routes...

CVE-2026-41148

CVE-2026-41148 affects Mermaid diagrams up to v10.9.5 and v11.0.0-alpha.1 to v11.12.0, where improper sanitization of classDef values in state diagrams allows CSS injection via addStyleClass() into create CssStyles(), ending with style.innerHTML and enabling page defacement, url()-based tracking,...

NPM: Mermaid: Improper sanitization of `classDefs` in diagrams leads to CSS injection

NPM: Mermaid: Improper sanitization of classDefs in diagrams leads to CSS injection vulnerability discovered by ? in WordPress Npm mermaid versions = 10.9.5...

GHSA-XCJ9-5M2H-648R Mermaid: Improper sanitization of `classDefs` in diagrams leads to CSS injection

Details The state diagram and any other diagram type that routes user-controlled style strings through createCssStyles parser for Mermaid v11.14.0 and earlier captures classDef values with an unrestricted regex: jison // packages/mermaid/src/diagrams/state/parser/stateDiagram.jison:83 ^\n...

Mermaid: Improper sanitization of `classDefs` in diagrams leads to CSS injection

Details The state diagram and any other diagram type that routes user-controlled style strings through createCssStyles parser for Mermaid v11.14.0 and earlier captures classDef values with an unrestricted regex: jison // packages/mermaid/src/diagrams/state/parser/stateDiagram.jison:83 ^\n...

GHSA-C8G3-X47W-8Q7P Duplicate Advisory: Pimcore admin users can trigger SQL Injection

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-r2f4-ff2p-xc64. This link is maintained to preserve external references. Original Description An authenticated administrative user who can import or save DataObject class definitions can inject attacker-controll...

SQL Injection

Overview pimcore/pimcore is a content & product management framework CMS/PIM/E-Commerce. Affected versions of this package are vulnerable to SQL Injection via the DataObject composite index handling process. An attacker can execute arbitrary SQL commands in the backend database by injecting...

GHSA-CGMM-X5WW-Q5CR beautiful-mermaid contains an SVG attribute injection issue that can lead to cross-site scripting (XSS)

beautiful-mermaid versions prior to 0.1.3 contain an SVG attribute injection issue that can lead to cross-site scripting XSS when rendering attacker-controlled Mermaid diagrams. User-controlled values from Mermaid style and classDef directives are interpolated into SVG attribute values without...

SUSE-SU-2024:1345-1 Security update for tomcat

This update for tomcat fixes the following issues: - CVE-2024-24549: Fixed denial of service during header validation for HTTP/2 stream bsc1221386 - CVE-2024-23672: Fixed denial of service due to malicious WebSocket client keeping connection open bsc1221385 Other fixes: - Update to Tomcat 9.0.87...

IBM Cognos Analytics has an unspecified vulnerability (CNVD-2022-11191)

IBM Cognos Analytics is a suite of business intelligence software from IBM Corporation. The software includes reports, dashboards and scorecards, and can help companies adjust their decisions by analyzing key factors and key people, etc. A security vulnerability exists in IBM Cognos Analytics...

Design/Logic Flaw

Due to weak obfuscation, IBM Cognos Analytics Mobile for Android application prior to version 1.1.14 , an attacker could be able to reverse engineer the codebase to gain knowledge about the programming technique, interface, class definitions, algorithms and functions used. IBM X-Force ID: 215593...

SUSE SLED15 / SLES15 Security Update : java-11-openjdk (SUSE-SU-2020:3359-1)

"This update for java-11-openjdk fixes the following issues : Update to upstream tag jdk-11.0.9-11 October 2020 CPU, bsc1177943 - New features + JDK-8250784: Shenandoah: A Low-Pause-Time Garbage Collector - Security fixes + JDK-8233624: Enhance JNI linkage + JDK-8236196: Improve string pooling +...

Security update for java-1_8_0-openjdk (moderate)

openSUSE Security Update: Security update for java-180-openjdk Announcement ID: openSUSE-SU-2020:2083-1 Rating: moderate References: 1174157 1177943 Cross-References: CVE-2020-14556 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14583 CVE-2020-14593 CVE-2020-14621...

Fedora 32 : 1:java-11-openjdk (2020-fdc79d8e5b)

New in release OpenJDK 11.0.9 2020-10-20: =========================================== Full versions of these release notes can be found at : - https://bitly.com/openjdk1109 - https://builds.shipilev.net/backports-monitor/release-notes-11.0.9.txt Security fixes - JDK-8233624: Enhance JNI linkage -...