5704 matches found
CVE-2026-22209
The CVE concerns wpDiscuz before 7.6.47, where a cross-site scripting (XSS) flaw exists in the customCss field. The underlying issue allows an administrator to break out of style tags and inject scripts (for example, ), enabling arbitrary JavaScript execution in the browsers of users. The vulnera...
CVE-2026-22209 wpDiscuz before 7.6.47 - Cross-Site Scripting via Unescaped Custom CSS in Style Tag
wpDiscuz before 7.6.47 contains a cross-site scripting vulnerability in the customCss field that allows administrators to inject malicious scripts by breaking out of style tags. Attackers with admin access can inject payloads like alert1 in the custom CSS setting to execute arbitrary JavaScript i...
Cisco Secure Endpoint ClamAV CSS Parsing DoS (cisco-sa-clamav-css-Fn4QSZ)
According to its self-reported version, Cisco Secure Endpoint is affected by a denial of service (DoS) vulnerability. - A vulnerability in the HTML Cascading Style Sheets (CSS) module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected...
CVE-2026-31873
Unhead is a document head and template manager. Prior to 2.1.11, the link.href check in makeTagSafe (safe.ts) uses String.includes, which is case-sensitive. Browsers treat URI schemes case-insensitively. DATA:text/css,... is the same as data:text/css,... to the browser, but 'DATA:...'.includes('data...
CVE-2026-31873 Unhead has a Bypass of URI Scheme Sanitization in makeTagSafe via Case-Sensitivity
Unhead is a document head and template manager. Prior to 2.1.11, the link.href check in makeTagSafe (safe.ts) uses String.includes, which is case-sensitive. Browsers treat URI schemes case-insensitively. DATA:text/css,... is the same as data:text/css,... to the browser, but 'DATA:...'.includes('data...
Malicious Package
Overview ignore-html-and-css-imports is a malicious package. This package was recognized as part of the 'PhantomRaven' supply chain campaign, which involves credential-stealing malware. The package impersonates well-known ecosystem plugins to deceive developers into installing it. Malicious...
Unhead Vulnerable to Bypass of URI Scheme Sanitization in makeTagSafe via Case-Sensitivity
The link.href check in makeTagSafe (safe.ts, lines 68-71) uses String.includes, which is case-sensitive: `if (key === 'href') { if (val.includes('javascript:') || val.includes('data:')) return; next[key] = val }`. Browsers treat URI schemes case-insensitively. DATA:text/css,... is the same as...
PT-2026-33138
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 147.0.7727.101. Description: A use after free issue in CSS allows a remote attacker to execute arbitrary code inside a sandbox by inducing the victim to open a crafted HTML page. Use after free is a memory...
FreeBSD : Firefox -- Same-origin policy bypass (e1e40d50-1de2-11f1-8aff-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the e1e40d50-1de2-11f1-8aff-b42e991fc52e advisory. https://bugzilla.mozilla.org/show_bug.cgi?id=2018400 reports: Same-origin policy bypass in the CSS Parsi...
OPENSUSE-SU-2026:20345-1 Security update for python-lxml_html_clean
This update for python-lxml_html_clean fixes the following issues: Changes in python-lxml_html_clean: - CVE-2026-28348: improper keywords checking can allow external CSS loading (bsc#1259378) - CVE-2026-28350: lack of base tag handling can allow the hijacking of the resolution of relative URLs (bsc#125937...
SUSE CVE-2026-3846
Same-origin policy bypass in the CSS Parsing and Computation component. This vulnerability was fixed in Firefox 148.0.2...
EUVD-2026-10505
Same-origin policy bypass in the CSS Parsing and Computation component. This vulnerability affects Firefox 148.0.2...
CVE-2026-3846
Same-origin policy bypass in the CSS Parsing and Computation component. This vulnerability affects Firefox 148.0.2...
CVE-2026-3846
Same-origin policy bypass in the CSS Parsing and Computation component. This vulnerability was fixed in Firefox 148.0.2...
UBUNTU-CVE-2026-3846
Same-origin policy bypass in the CSS Parsing and Computation component. This vulnerability was fixed in Firefox 148.0.2...
CVE-2026-30977 RenderBlocking has Stored XSS in renderblocking-css with Inline Assets mode
RenderBlocking is a MediaWiki extension that allows interface administrators to specify render-blocking CSS and JavaScript. Prior to 0.1.1, there is Stored XSS in renderblocking-css with Inline Assets mode. $wgRenderBlockingInlineAssets = true and editsitecss user rights are required. This...
CVE-2026-30977
The CVE covers the MediaWiki extension RenderBlocking. Before version 0.1.1, a Stored XSS flaw existed in renderblocking-css when Inline Assets mode was used. Exploitation requires $wgRenderBlockingInlineAssets = true and editsitecss user rights. The issue is fixed in 0.1.1. Affected component: re...