19 matches found
WordPress plugin Categories Images 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...
EUVD-2026-17739
XenForo before 2.3.9 is vulnerable to stored cross-site scripting XSS related to BB code rendering. An attacker can inject malicious scripts through BB code that are stored and executed when other users view the content...
CVE-2026-35054
XenForo before 2.3.9 is vulnerable to stored cross-site scripting XSS related to BB code rendering. An attacker can inject malicious scripts through BB code that are stored and executed when other users view the content...
CVE-2026-35054
XenForo before 2.3.9 is vulnerable to stored cross-site scripting XSS related to BB code rendering. An attacker can inject malicious scripts through BB code that are stored and executed when other users view the content...
CVE-2026-35054
XenForo before 2.3.9 is affected by a stored XSS flaw in BB code rendering. An attacker can inject malicious scripts via BB code that get stored and executed when other users view the content. The issue is addressed in the XenForo 2.3.9 security fix. Remediation: upgrade to version 2.3.9 or apply...
CVE-2026-35054 XenForo Stored Cross-Site Scripting via BB Code Rendering
XenForo before 2.3.9 is vulnerable to stored cross-site scripting XSS related to BB code rendering. An attacker can inject malicious scripts through BB code that are stored and executed when other users view the content...
Xenforo 跨站脚本漏洞
Xenforo is a forum software developed by the Xenforo company. Versions of XenForo prior to 2.3.9 had a cross-site scripting vulnerability. This vulnerability stemmed from the BB code rendering, which contained a stored-cross-site scripting flaw, potentially allowing attackers to inject malicious...
EUVD-2021-9376
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-22230
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper code rendering while rendering merge requests could be exploited to submit malicious code. This vulnerability affects GitLab CE/EE 9.3 and later throug...
CVE-2022-28648
In JetBrains YouTrack before 2022.1.43563 HTML code from the issue description was being rendered...
GitLab 9.3 < 13.11.6 / 13.12 < 13.12.6 / 14.0 < 14.0.2 (CVE-2021-22230)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Improper code rendering while rendering merge requests could be exploited to submit malicious code. This vulnerability affects GitLab CE/EE 9.3 and later through 13.11.6, 13.12.6, and 14.0.2...
BIT-GITLAB-2021-22230
Improper code rendering while rendering merge requests could be exploited to submit malicious code. This vulnerability affects GitLab CE/EE 9.3 and later through 13.11.6, 13.12.6, and 14.0.2...
Code Injection
gitlab is vulnerable to Code Injection. The vulnerability exists due to the improper code rendering while rendering merge requests, which allows an attacker to inject and execute malicious code...
CVE-2021-22230
Improper code rendering while rendering merge requests could be exploited to submit malicious code. This vulnerability affects GitLab CE/EE 9.3 and later through 13.11.6, 13.12.6, and 14.0.2...
CVE-2021-22230
Improper code rendering while rendering merge requests could be exploited to submit malicious code. This vulnerability affects GitLab CE/EE 9.3 and later through 13.11.6, 13.12.6, and 14.0.2...
Design/Logic Flaw
Improper code rendering while rendering merge requests could be exploited to submit malicious code. This vulnerability affects GitLab CE/EE 9.3 and later through 13.11.6, 13.12.6, and 14.0.2...
CVE-2021-22230
CVE-2021-22230 affects GitLab CE/EE from v9.3 through v14.0.2, with the underlying issue: improper code rendering during merge-request rendering that enables submitting malicious code. The connected sources confirm this affects GitLab releases in the 13.x series (notably 13.11.6 and 13.12.6) and ...
CVE-2021-22230
Improper code rendering while rendering merge requests could be exploited to submit malicious code. This vulnerability affects GitLab CE/EE 9.3 and later through 13.11.6, 13.12.6, and 14.0.2...
CVE-2021-22230
Removed by vendor...