13 matches found
EUVD-2022-0785
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-23647
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Prism is a syntax highlighting library. Starting with version 1.14.0 and prior to version 1.27.0, Prism's command line plugin can be used by attackers to achiev...
prismjs: improperly escaped output allows a XSS
A Cross-site scripting attack was found in Prism. The command-line plugin did not properly escape its output. This issue leads to the input text being inserted into the Document Object Model DOM as HTML code, which can be exploited by an attacker...
prismjs: improperly escaped output allows a XSS
A Cross-site scripting attack was found in Prism. The command-line plugin did not properly escape its output. This issue leads to the input text being inserted into the Document Object Model DOM as HTML code, which can be exploited by an attacker...
GHSA-3949-F494-CM99 Cross-site Scripting in Prism
Impact Prism's Command line plugin can be used by attackers to achieve an XSS attack. The Command line plugin did not properly escape its output, leading to the input text being inserted into the DOM as HTML code. Server-side usage of Prism is not impacted. Websites that do not use the Command Li...
DEBIAN-CVE-2022-23647
Prism is a syntax highlighting library. Starting with version 1.14.0 and prior to version 1.27.0, Prism's command line plugin can be used by attackers to achieve a cross-site scripting attack. The command line plugin did not properly escape its output, leading to the input text being inserted int...
Cross site scripting
Prism is a syntax highlighting library. Starting with version 1.14.0 and prior to version 1.27.0, Prism's command line plugin can be used by attackers to achieve a cross-site scripting attack. The command line plugin did not properly escape its output, leading to the input text being inserted int...
UBUNTU-CVE-2022-23647
Prism is a syntax highlighting library. Starting with version 1.14.0 and prior to version 1.27.0, Prism's command line plugin can be used by attackers to achieve a cross-site scripting attack. The command line plugin did not properly escape its output, leading to the input text being inserted int...
CVE-2022-23647
Prism is a syntax highlighting library. Starting with version 1.14.0 and prior to version 1.27.0, Prism's command line plugin can be used by attackers to achieve a cross-site scripting attack. The command line plugin did not properly escape its output, leading to the input text being inserted int...
CVE-2022-23647 Cross-site Scripting in Prism
Prism is a syntax highlighting library. Starting with version 1.14.0 and prior to version 1.27.0, Prism's command line plugin can be used by attackers to achieve a cross-site scripting attack. The command line plugin did not properly escape its output, leading to the input text being inserted int...
CVE-2022-23647
Prism is a syntax highlighting library. Starting with version 1.14.0 and prior to version 1.27.0, Prism's command line plugin can be used by attackers to achieve a cross-site scripting attack. The command line plugin did not properly escape its output, leading to the input text being inserted int...
CVE-2022-23647
Prism.js Prism (command line plugin) is vulnerable to cross-site scripting due to improper escaping when output is inserted into the DOM. Affected versions: prior to 1.27.0 (1.14.0–1.26.x). The vulnerability does not affect Prism’s server-side usage or sites not using the Command Line plugin. The...
Prism 跨站脚本漏洞
Prism is an application from the US-based individual developers of Prism. It is a lightweight, extensible syntax highlighting tool. Prism suffers from a cross-site scripting vulnerability that stems from the command line plugin not properly escaping its output, causing input text to be inserted...