23 matches found
CVE-2026-52798
Gogs is an open source self-hosted Git service. Prior to 0.14.3, although .ipynb previews are sanitized on the server side via /-/api/sanitizeipynb, the inserted content is re-rendered on the client side without sanitization using marked on elements with the .nb-markdown-cell class. During this...
CVE-2026-52798 Gogs: Stored XSS in `.ipynb` Preview
Gogs is an open source self-hosted Git service. Prior to 0.14.3, although .ipynb previews are sanitized on the server side via /-/api/sanitizeipynb, the inserted content is re-rendered on the client side without sanitization using marked on elements with the .nb-markdown-cell class. During this...
CVE-2026-52798
Gogs (self-hosted Git service) is affected by CVE-2026-52798: prior to 0.14.3, .ipynb previews are sanitized server-side, but the client-side re-rendering with marked() on .nb-markdown-cell can regenerate javascript: links, enabling Stored XSS when a victim clicks a crafted link in an attacker-su...
Gogs has Stored XSS in `.ipynb` Preview
Summary Although .ipynb previews are sanitized on the server side via /-/api/sanitizeipynb, the inserted content is re-rendered on the client side without sanitization using marked on elements with the .nb-markdown-cell class. During this process, links containing schemes such as javascript: can ...
GHSA-48R7-HPM6-GFXM @angular/common: Denial of Service (DoS) via OOM in Date Formatting (formatDate)
A Denial of Service DoS vulnerability exists in the @angular/common package of the Angular framework. The formatDate function, which is also utilized by the standard Angular DatePipe, does not properly limit or validate the length of the format parameter. When parsing a maliciously crafted,...
GHSA-P3VC-36G9-X9GR @angular/common: Denial of Service (DoS) via OOM in Number Formatting (digitsInfo)
A Denial of Service DoS vulnerability exists in the @angular/common package of Angular. The formatNumber function, which is also utilized by DecimalPipe, PercentPipe, and CurrencyPipe, does not properly validate the upper bounds of the digitsInfo parameter. Specifically, the minimum and maximum...
PT-2026-49583
Name of the Vulnerable Software and Affected Versions Angular versions prior to 22.0.1 Angular versions prior to 21.2.17 Angular versions prior to 20.3.25 Description A Denial of Service DoS issue exists in the @angular/common package. The formatDate function, also used by the standard DatePipe,...
PT-2026-49562
Name of the Vulnerable Software and Affected Versions Angular versions prior to 22.0.0-rc.2 Angular versions prior to 21.2.15 Angular versions prior to 20.3.22 Angular versions prior to 19.2.23 Description A Denial of Service DoS issue exists in the @angular/common package. The formatNumber...
CVE-2026-32121
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.1, Stored XSS in prescription CSS/HTML print view via patient demographics. That finding involves server-side rendering of patient names via raw PHP echo. This finding involves...
CVE-2026-32121 OpenEMR: Stored DOM XSS via `.html()` in Portal Signer Modal
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.1, Stored XSS in prescription CSS/HTML print view via patient demographics. That finding involves server-side rendering of patient names via raw PHP echo. This finding involves...
PT-2026-24840
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.1, Stored XSS in prescription CSS/HTML print view via patient demographics. That finding involves server-side rendering of patient names via raw PHP echo. This finding involves...
Svelte SSR does not validate dynamic element tag names in `<svelte:element>`
When using in server-side rendering, the provided tag name is not validated or sanitized before being emitted into the HTML output. If the tag string contains unexpected characters, it can result in HTML injection in the SSR output. Client-side rendering is not affected...
Cross-site Scripting (XSS)
Overview html2pdf.js is a Client-side HTML-to-PDF rendering using pure JS Affected versions of this package are vulnerable to Cross-site Scripting XSS via the html2pdf function when processing unsanitized text not element sources. An attacker can execute arbitrary scripts in the context of the...
CVE-2020-17024
Windows Client Side Rendering Print Provider Elevation of Privilege Vulnerability...
CVE-2020-17024
Windows Client Side Rendering Print Provider Elevation of Privilege Vulnerability...
Privilege escalation
Windows Client Side Rendering Print Provider Elevation of Privilege Vulnerability...
CVE-2020-17024
CVE-2020-17024 is a Windows Client Side Rendering Print Provider Elevation of Privilege vulnerability. Connected sources confirm impact as HIGH (base CVSS v3.1: 7.8) with LOCAL attack vector, LOW attack complexity, and privileges required: LOW; user interaction: NONE. Confidentiality/Integrity/Av...
Windows Client Side Rendering Print Provider Elevation of Privilege Vulnerability
...
PT-2020-4864 · Microsoft · Windows Client Side Rendering Print Provider +1
Name of the Vulnerable Software and Affected Versions: Windows Client Side Rendering Print Provider affected versions not specified Description: The issue is related to insufficient access restrictions in the Windows Client Side Rendering Print Provider component of the Windows operating system...
KB4586787: Windows 10 November 2020 Security Update
The Microsoft 4586787 Product is missing security updates. - Remote Desktop Protocol Server Information Disclosure Vulnerability CVE-2020-16997 - DirectX Elevation of Privilege Vulnerability CVE-2020-16998 - Windows WalletService Information Disclosure Vulnerability CVE-2020-16999 - Remote Deskto...