6 matches found
Cross-Site Scripting (XSS)
@jitbit/htmlsanitizer is vulnerable to cross-site scripting. The vulnerability is due to improper sanitization caused by the code beautifier running after sanitization when used with a contentEditable element, which allows an attacker to inject and execute malicious scripts in a victim’s browser...
CVE-2025-29771
HtmlSanitizer (client-side HTML sanitizer) is affected: versions prior to 2.0.3 are vulnerable to cross-site scripting when used with a contentEditable element that sets innerHTML to a sanitized string. The issue is caused by the code beautifier running after sanitization, enabling XSS. remediation...
Mganss HtmlSanitizer Cross-Site Scripting Vulnerability
Mganss HtmlSanitizer is a C#, AngleSharp-based library from the individual developer Mganss for cleaning HTML fragments and documents of code that could lead to XSS attacks. A cross-site scripting vulnerability exists in Mganss HtmlSanitizer versions prior to 2.0.3, which stems from a...
Kanboard Cross-Site Scripting Vulnerability
Kanboard is open source visual task board software. Its boards can be customized to fit the business. A cross-site scripting vulnerability exists in Kanboard 1.2.28 and earlier versions, which stems from improper handling of elements under the contentEditable...
Microsoft Internet Explorer - CFlatMarkupPointer Use-After-Free (MS13-059) (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "MS13-059 Microsof...
MS13-059 Microsoft Internet Explorer CFlatMarkupPointer Use-After-Free
This is a memory corruption bug found in Microsoft Internet Explorer. On IE 9, it seems to only affect certain releases of mshtml.dll, ranging from a newly installed IE9 9.0.8112.16446, to 9.00.8112.16502 July 2013 update. IE8 requires a different way to trigger the vulnerability, but not current...