8 matches found
CVE-2023-50550
layui up to v2.74 was discovered to contain a cross-site scripting XSS vulnerability via the data-content parameter...
CVE-2023-50550
layui up to v2.74 was discovered to contain a cross-site scripting XSS vulnerability via the data-content parameter...
CVE-2023-50550
layui up to v2.74 was discovered to contain a cross-site scripting XSS vulnerability via the data-content parameter...
CVE-2023-50550
layui up to v2.74 was discovered to contain a cross-site scripting XSS vulnerability via the data-content parameter...
layui Cross-Site Scripting Vulnerability
Layui is Layui open source Web UI component library that follows the original development model . A cross-site scripting vulnerability exists in versions prior to layui v2.74, which stems from the inclusion of cross-site scripting in the data-content parameter...
PT-2023-31585 · Layui · Layui
Name of the Vulnerable Software and Affected Versions: layui versions up to v2.74 Description: The issue is a cross-site scripting XSS vulnerability. It occurs via the data-content parameter. Recommendations: For versions up to v2.74, as a temporary workaround, consider restricting the use of the...
CVE-2018-19192
An issue was discovered in XiaoCms 20141229. admin/index.php?c=content&a=add&catid=3 has CSRF, as demonstrated by entering news via the datacontent parameter...
Cross site request forgery (csrf)
An issue was discovered in XiaoCms 20141229. admin/index.php?c=content&a=add&catid=3 has CSRF, as demonstrated by entering news via the datacontent parameter...