BIT-GOLANG-2026-39826 Escaper bypass leads to XSS in html/template

If a trusted template author were to write a tag containing an empty 'type' attribute or a 'type' attribute with an ASCII whitespace, the execution of the template would incorrectly escape any data passed into the block...

SUSE CVE-2026-39826

If a trusted template author were to write a tag containing an empty 'type' attribute or a 'type' attribute with an ASCII whitespace, the execution of the template would incorrectly escape any data passed into the block...

EUVD-2026-28426

If a trusted template author were to write a tag containing an empty 'type' attribute or a 'type' attribute with an ASCII whitespace, the execution of the template would incorrectly escape any data passed into the block...

CVE-2026-39826

If a trusted template author were to write a tag containing an empty 'type' attribute or a 'type' attribute with an ASCII whitespace, the execution of the template would incorrectly escape any data passed into the block...

DEBIAN-CVE-2026-39826

If a trusted template author were to write a tag containing an empty 'type' attribute or a 'type' attribute with an ASCII whitespace, the execution of the template would incorrectly escape any data passed into the block...

UBUNTU-CVE-2026-39826

If a trusted template author were to write a tag containing an empty 'type' attribute or a 'type' attribute with an ASCII whitespace, the execution of the template would incorrectly escape any data passed into the block...

CVE-2026-39826

If a trusted template author were to write a tag containing an empty 'type' attribute or a 'type' attribute with an ASCII whitespace, the execution of the template would incorrectly escape any data passed into the block...

CVE-2026-39826

If a trusted template author were to write a tag containing an empty 'type' attribute or a 'type' attribute with an ASCII whitespace, the execution of the template would incorrectly escape any data passed into the block...

CVE-2026-39826

If a trusted template author were to write a tag containing an empty 'type' attribute or a 'type' attribute with an ASCII whitespace, the execution of the template would incorrectly escape any data passed into the block...

PT-2026-38567

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A flaw exists where a trusted template author can include a tag with an empty type attribute or a type attribute containing ASCII whitespace. This causes the...

Google Go 安全漏洞

Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which occurs when the script tag contains an empty type attribute or a type attribute containing an...

WordPress plugin Page Builder Gutenberg Blocks – CoBlocks 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

WordPress Plugin Avada Core Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress plugin Avada Core, which stems fro...

Moodle 安全漏洞

Moodle is an open-source e-learning software platform developed by Moodle. It is also known as a course management system, learning management system, or virtual learning environment. There are security vulnerabilities in Moodle; these vulnerabilities arise from improper escaping of data fields...

WordPress SpiceForms Form Builder plugin cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress SpiceForms Form Builder plugin, which stems from the lack of effective filtering and escaping of user-supplied data ...

WordPress Greenhouse Job Board plugin cross-site scripting vulnerability

The WordPress Greenhouse Job Board plugin is a tool for integrating job listings from the Greenhouse.io recruiting platform into your WordPress site. The WordPress Greenhouse Job Board plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective...

WordPress Draft Notify plugin cross-site scripting vulnerability

WordPress Draft Notify plugin is a WordPress plugin for managing draft notifications on your WordPress site. The WordPress Draft Notify plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, which...

RHEL 9 : httpd (RHSA-2025:14901)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:14901 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: insufficient...

WordPress plugin Essential Widgets 安全漏洞

WordPress Essential Widgets plugin is a tool used to enhance the functionality of your website, mainly providing the ability to create and add highly customizable widgets Widgets to help users manage the layout of their website content more flexibly. A cross-site scripting vulnerability exists in...

WordPress plugin Arconix Shortcodes 跨站脚本漏洞

WordPress Arconix Shortcodes plugin is a plugin that provides a wide range of shortcode functionality for WordPress websites. WordPress Arconix Shortcodes plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of...