Lucene search
+L

10 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.23 views

EUVD-2021-1568

Malware in sbrugna...

6.1CVSS6.1AI score0.00702EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2020-26870

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a...

6.1CVSS6.7AI score0.04881EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2023/01/10 10:48 p.m.58 views

Reflected XSS in Gotify's /docs via import of outdated Swagger UI

Impact Gotify exposes an outdated instance of the Swagger UI API documentation frontend at /docs which is susceptible to reflected XSS attacks when loading external Swagger config files. Specifically, the DOMPurify version included with this version of Swagger UI is vulnerable to a rendering XSS...

6.1CVSS2.1AI score0.04881EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2023/01/10 10:48 p.m.315 views

GHSA-3244-8MFF-W398 Reflected XSS in Gotify's /docs via import of outdated Swagger UI

Impact Gotify exposes an outdated instance of the Swagger UI API documentation frontend at /docs which is susceptible to reflected XSS attacks when loading external Swagger config files. Specifically, the DOMPurify version included with this version of Swagger UI is vulnerable to a rendering XSS...

6.3AI score
Exploits0References5
Github Security Blog
Github Security Blog
added 2021/08/25 8:55 p.m.28 views

Cross-site Scripting in ammonia

An issue was discovered in the ammonia crate before 3.1.0 for Rust. XSS can occur because the parsing differences for HTML, SVG, and MathML are mishandled, a similar issue to CVE-2020-26870...

6.1CVSS6.2AI score0.00702EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2021/08/25 8:55 p.m.102 views

GHSA-5325-XW5M-PHM3 Cross-site Scripting in ammonia

An issue was discovered in the ammonia crate before 3.1.0 for Rust. XSS can occur because the parsing differences for HTML, SVG, and MathML are mishandled, a similar issue to CVE-2020-26870...

6.1CVSS6.1AI score0.00702EPSS
Exploits1References5
OSV
OSV
added 2021/08/08 6:15 a.m.30 views

CVE-2021-38193

An issue was discovered in the ammonia crate before 3.1.0 for Rust. XSS can occur because the parsing differences for HTML, SVG, and MathML are mishandled, a similar issue to CVE-2020-26870...

6.1CVSS5.9AI score
Exploits0References2
Prion
Prion
added 2021/08/08 6:15 a.m.34 views

Design/Logic Flaw

An issue was discovered in the ammonia crate before 3.1.0 for Rust. XSS can occur because the parsing differences for HTML, SVG, and MathML are mishandled, a similar issue to CVE-2020-26870...

4.3CVSS6AI score0.04881EPSS
Exploits2References2Affected Software1
Debian
Debian
added 2020/10/29 4:3 p.m.117 views

[SECURITY] [DLA 2419-1] dompurify.js security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2419-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz October 29, 2020 https://wiki.debian.org/LTS -...

6.1CVSS7AI score0.04881EPSS
Exploits3
Prion
Prion
added 2020/10/16 5:15 a.m.23 views

Design/Logic Flaw

Mutation XSS exists in Mark Text through 0.16.2 that leads to Remote Code Execution. NOTE: this might be considered a duplicate of CVE-2020-26870; however, it can also be considered an issue in the design of the "source code mode" feature, which parses HTML even though HTML support is not one of...

6.8CVSS6.2AI score0.04881EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder