83 matches found
Cross-site Scripting (XSS)
Overview: Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in the Display template option of the Set field type, where user-supplied input is processed by the $interpolate function and rendered via Vue's v-html directive without proper sanitization. An attacker can...
CVE-2025-11687
A flaw was found in gi-docgen. This vulnerability allows arbitrary JavaScript execution in the context of the page — enabling DOM access, session cookie theft and other client-side attacks — via a crafted URL that supplies a malicious value to the q GET parameter reflected DOM XSS...
CVE-2025-63417
A Stored Cross-Site Scripting (XSS) vulnerability in the chat functionality of the SelfBest platform 2023.3 allows authenticated attackers to inject arbitrary web scripts or HTML via the chat message input field. This malicious content is stored and then executed in the context of other users'...
Cross-site Scripting (XSS)
Overview: Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via improper handling of reserved data attributes in the Sanitizer::validateAttributes function. An attacker can execute arbitrary JavaScript in the context of the user's browser by injecting malicious scripts...
Cross-site Scripting (XSS)
Overview: Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the Commerce Search Result widget when user-supplied input is injected into the Name text field of a Commerce Product. An attacker can execute arbitrary web scripts in the context of the user's browser by...
EUVD-2020-21454
Malware in sbrugna...
EUVD-2020-7898
Malware in sbrugna...
EUVD-2015-6192
Malware in sbrugna...
EUVD-2009-3552
Malware in sbrugna...
praktikum_xss
PoC exploit for a web application vulnerability, specifically ta...
EUVD-2023-58949
Malicious code in bioql PyPI...
EUVD-2024-1871
Malicious code in bioql PyPI...
EUVD-2022-52450
Malicious code in bioql PyPI...
EUVD-2022-43237
Malicious code in bioql PyPI...
EUVD-2022-43193
Malicious code in bioql PyPI...
Proxmox Virtual Environment Security Vulnerability
Proxmox Virtual Environment (Proxmox VE) is an open source server virtualization environment Linux distribution from Proxmox. A security vulnerability exists in Proxmox Virtual Environment version 8.4, which stems from a stored cross-site scripting vulnerability in the WebAuthn Relying Party field...
CVE-2025-51411
A reflected cross-site scripting (XSS) vulnerability exists in Institute-of-Current-Students v1.0 via the email parameter in the /postquerypublic endpoint. The application fails to properly sanitize user input before reflecting it in the HTML response. This allows unauthenticated attackers to injec...
Cross-site Scripting (XSS)
Overview: Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in the Overview tab error message handling process. An attacker can execute arbitrary JavaScript code in the context of the affected user's browser by injecting malicious payloads into error messages that are...
CVE-2024-41226
A CSV injection vulnerability in Automation Anywhere Automation 360 version 21094 allows attackers to execute arbitrary code via a crafted payload. NOTE: Automation Anywhere disputes this report, arguing the attacker executes everything from the client side and does not attack the Control Room. T...
CVE-2024-54083
Mattermost versions 10.1.x <= 10.1.2, 10.0.x <= 10.0.2, 9.11.x <= 9.11.4, 9.5.x <= 9.5.12 fail to properly validate the type of callProps which allows a user to cause a client side webapp and mobile DoS to users of particular channels, by sending a specially crafted post...