NPM: Mermaid: Improper sanitization of configuration leads to CSS injection

NPM: Mermaid: Improper sanitization of configuration leads to CSS injection vulnerability discovered by ? in WordPress Npm mermaid versions = 10.9.5...

Arbitrary Code Injection

Overview mermaid is a package for generation of diagrams and flowcharts from text in a similar manner as markdown. Affected versions of this package are vulnerable to Arbitrary Code Injection due to improper sanitization of configuration options such as fontFamily, themeCSS, and altFontFamily. An...

Arbitrary Code Injection

Overview mermaid is a package for generation of diagrams and flowcharts from text in a similar manner as markdown. Affected versions of this package are vulnerable to Arbitrary Code Injection due to improper sanitization of input passed to the addStyleClass function. An attacker can inject...

NPM: Mermaid: Improper sanitization of `classDefs` in diagrams leads to CSS injection

NPM: Mermaid: Improper sanitization of classDefs in diagrams leads to CSS injection vulnerability discovered by ? in WordPress Npm mermaid versions = 10.9.5...

Arbitrary Code Injection

Overview org.webjars.npm:mermaid is a package for generation of diagrams and flowcharts from text in a similar manner as markdown. Affected versions of this package are vulnerable to Arbitrary Code Injection due to improper sanitization of input passed to the addStyleClass function. An attacker c...

Mermaid: Improper sanitization of `classDefs` in diagrams leads to CSS injection

Details The state diagram and any other diagram type that routes user-controlled style strings through createCssStyles parser for Mermaid v11.14.0 and earlier captures classDef values with an unrestricted regex: jison // packages/mermaid/src/diagrams/state/parser/stateDiagram.jison:83 ^\n...

CVE-2026-42857

Open edX Platform enables the authoring and delivery of online learning at any scale. The HTML sanitizer cleanthreadhtmlbody used for discussion notification emails fails to remove tags from user-generated discussion post content. This content is rendered with Django's |safe template filter in...

CVE-2026-42857 Open edX Platform: Stored CSS Injection in Email Notifications via Incomplete HTML Sanitization

Open edX Platform enables the authoring and delivery of online learning at any scale. The HTML sanitizer cleanthreadhtmlbody used for discussion notification emails fails to remove tags from user-generated discussion post content. This content is rendered with Django's |safe template filter in...

CVE-2026-6433

The Custom css-js-php WordPress plugin through 2.0.7 does not properly sanitize user input before using it in a SQL query, and the result is passed to eval, allowing unauthenticated users to execute arbitrary PHP code on the server...

CVE-2026-6433 Custom CSS JS PHP <= 2.0.7 - Unauthenticated SQL Injection to RCE

The Custom css-js-php WordPress plugin through 2.0.7 does not properly sanitize user input before using it in a SQL query, and the result is passed to eval, allowing unauthenticated users to execute arbitrary PHP code on the server...

CVE-2026-6433

Summary (CVE-2026-6433) : The Custom css-js-php WordPress plugin is vulnerable through versions up to 2.0.7 where unsanitized user input is used in a SQL query and the result is passed to eval(), enabling unauthenticated remote command execution (RCE). Exploitation and impact are stated across mu...

CVE-2026-6433 Custom CSS JS PHP <= 2.0.7 - Unauthenticated SQL Injection to RCE

The Custom css-js-php WordPress plugin through 2.0.7 does not properly sanitize user input before using it in a SQL query, and the result is passed to eval, allowing unauthenticated users to execute arbitrary PHP code on the server...

PT-2026-39885

Name of the Vulnerable Software and Affected Versions Mermaid versions prior to 10.9.6 Mermaid versions 11.0.0-alpha.1 through 11.14.0 Description Improper sanitization in the state diagram and other diagram types that route user-controlled style strings through the createCssStyles parser allows...

CoreExploit-Final

CoreExploit 🔐 Ethical Penetration Testing Learning Platfor...

Improper Encoding or Escaping of Output

Overview hono is an Ultrafast web framework for the Edges Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output the styleObjectForEach and jsxAttr style serialization paths in the JSX runtime. An attacker can inject arbitrary CSS declarations by supplying...

NPM: Hono has CSS Declaration Injection via Style Object Values in JSX SSR

NPM: Hono has CSS Declaration Injection via Style Object Values in JSX SSR vulnerability discovered by ? in WordPress Npm hono versions 4.12.18...

GHSA-QP7P-654G-CW7P Hono has CSS Declaration Injection via Style Object Values in JSX SSR

Summary The JSX renderer escapes style attribute object values for HTML but not for CSS. Untrusted input in a style object value or property name can therefore inject additional CSS declarations into the rendered style attribute. The impact is limited to CSS and does not allow JavaScript executio...

Hono has CSS Declaration Injection via Style Object Values in JSX SSR

Summary The JSX renderer escapes style attribute object values for HTML but not for CSS. Untrusted input in a style object value or property name can therefore inject additional CSS declarations into the rendered style attribute. The impact is limited to CSS and does not allow JavaScript executio...

CVE-2026-7938

An use after free flaw was found in the CSS component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=492735384...

Infinite loop

Overview justhtml is an A pure Python HTML5 parser that just works. Affected versions of this package are vulnerable to Infinite loop in the handling of CSS selectors and linkification processes. An attacker can cause excessive CPU or memory consumption by supplying specially crafted selector...