4 matches found
Home Assistant < 0.57 XSS Vulnerability
Home Assistant is prone to a cross-site scription XSS vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2017-16782
In Home Assistant before 0.57, it is possible to inject JavaScript code into a persistent notification via crafted Markdown text, aka XSS...
CVE-2017-16782
In Home Assistant before 0.57, it is possible to inject JavaScript code into a persistent notification via crafted Markdown text, aka XSS...
CVE-2017-16782
CVE-2017-16782 affects Home Assistant prior to 0.57. It is a cross-site scripting (XSS) vulnerability in the persistent notification rendering, where crafted Markdown text can inject JavaScript. The root cause is improper sanitization in Markdown rendering for notifications, enabling arbitrary sc...