Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-0649

Malware in sbrugna...

6.1CVSS6.1AI score0.0105EPSS
Exploits1References8
RedhatCVE
RedhatCVE
added 2025/05/22 12:59 p.m.10 views

CVE-2018-20583

Cross-site scripting XSS vulnerability in the PHP League CommonMark library versions 0.15.6 through 0.18.x before 0.18.1 allows remote attackers to insert unsafe URLs into HTML even if allowunsafelinks is false via a newline character e.g., writing javascript as javascri%0apt...

6.1CVSS5.8AI score0.01597EPSS
Exploits1References1
OSV
OSV
added 2019/03/24 6:29 p.m.14 views

CVE-2019-10010

Cross-site scripting XSS vulnerability in the PHP League CommonMark library before 0.18.3 allows remote attackers to insert unsafe links into HTML by using double-encoded HTML entities that are not properly escaped during rendering, a different vulnerability than CVE-2018-20583...

6.1CVSS5.8AI score
Exploits0References2
CVE
CVE
added 2019/03/24 5:58 p.m.85 views

CVE-2019-10010

CVE-2019-10010 affects the PHP League CommonMark library (versions up to and including 0.18.2). The vulnerability arises in the renderer when double-encoded HTML entities are not properly escaped, allowing an attacker to craft links that execute unsafe code (XSS). The issue is fixed in 0.18.3, wh...

6.1CVSS5.9AI score0.0105EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2019/03/24 5:58 p.m.40 views

CVE-2019-10010

Cross-site scripting XSS vulnerability in the PHP League CommonMark library before 0.18.3 allows remote attackers to insert unsafe links into HTML by using double-encoded HTML entities that are not properly escaped during rendering, a different vulnerability than CVE-2018-20583...

6AI score0.0105EPSS
Exploits1References2
OSV
OSV
added 2018/12/30 5:29 a.m.18 views

CVE-2018-20583

Cross-site scripting XSS vulnerability in the PHP League CommonMark library versions 0.15.6 through 0.18.x before 0.18.1 allows remote attackers to insert unsafe URLs into HTML even if allowunsafelinks is false via a newline character e.g., writing javascript as javascri%0apt...

6.1CVSS5.8AI score
Exploits0References3
CVE
CVE
added 2018/12/30 5:0 a.m.69 views

CVE-2018-20583

The PHP League CommonMark library (versions 0.15.6–0.18.x before 0.18.1) is affected by CVE-2018-20583: an XSS flaw that lets remote attackers insert unsafe URLs into HTML via newline-encoded strings (e.g., javascri%0apt), even when allow_unsafe_links is false. Remediation: upgrade to 0.18.1 or l...

6.1CVSS5.9AI score0.01597EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2018/12/30 5:0 a.m.38 views

CVE-2018-20583

Cross-site scripting XSS vulnerability in the PHP League CommonMark library versions 0.15.6 through 0.18.x before 0.18.1 allows remote attackers to insert unsafe URLs into HTML even if allowunsafelinks is false via a newline character e.g., writing javascript as javascri%0apt...

6AI score0.01597EPSS
Exploits1References3
Rows per page
Query Builder