
4 matches found

NVD
added 2026/06/24 9:16 p.m. | 7 views

CVE-2026-52816

Gogs is an open source self-hosted Git service. Prior to 0.14.3, the Jupyter Notebook ipynb sanitizer endpoint at POST /-/api/sanitizeipynb allows arbitrary data: URIs without proper restrictions, potentially leading to Cross-Site Scripting (XSS). The endpoint uses bluemonday.UGCPolicy with...

CVSS 6.4 | EPSS 0.00677
Exploits: 0 | References: 4
Tenable Nessus
added 2025/08/20 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2022-23518

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Versions = 1.0.3, = 2.1.0. This issue is patched in version 1.4.4...

CVSS 6.1 | AI score 6.5 | EPSS 0.00867
Exploits: 1 | References: 2
Hacker One
added 2021/11/11 1:59 p.m. | 17 views

Judge.me : Stored XSS in Public Profile Reviews

A stored XSS vulnerability was found in the public profile review section of a platform. Attackers could add a product description with a data URI XSS payload in HTML format, which would execute when a user clicked on the HTML tag. This could lead to the execution of arbitrary code in the victim'...

AI score 6.4
Exploits: 0
OPENSUSE Linux
added 2012/11/14 5:8 p.m. | 9 views

opera to 12.10 (important)

This Opera 12.10 security update fixes the following security issues: - an issue that could cause Opera not to correctly check for certificate revocation; - an issue where CORS requests could incorrectly retrieve contents of cross origin pages; - an issue where data URIs could be used to facilitate...

AI score 0.8
Exploits: 0 | References: 1