CVE-2026-30691

Cross-Site Scripting XSS vulnerability in @cyntler/react-doc-viewer v1.17.1 allows remote attackers to execute arbitrary JavaScript via a crafted .txt file. The TXTRenderer component fails to sanitize file content and explicitly casts raw data as a ReactNode...

CVE-2026-30691

Cross-Site Scripting XSS vulnerability in @cyntler/react-doc-viewer v1.17.1 allows remote attackers to execute arbitrary JavaScript via a crafted .txt file. The TXTRenderer component fails to sanitize file content and explicitly casts raw data as a ReactNode...

react-doc-viewer 跨站脚本漏洞

react-doc-viewer is a React documentation viewer component developed by Damian Cyntler. Version 1.17.1 of react-doc-viewer contains a cross-site scripting vulnerability. This vulnerability arises from the TXTRenderer component failing to clean up file content and explicitly converting raw data in...

CVE-2026-30691

Cross-Site Scripting XSS vulnerability in @cyntler/react-doc-viewer v1.17.1 allows remote attackers to execute arbitrary JavaScript via a crafted .txt file. The TXTRenderer component fails to sanitize file content and explicitly casts raw data as a ReactNode...

PT-2026-42214

Name of the Vulnerable Software and Affected Versions @cyntler/react-doc-viewer version 1.17.1 Description A Cross-Site Scripting XSS issue exists where remote attackers can execute arbitrary JavaScript by using a crafted .txt file. This occurs because the TXTRenderer component does not sanitize...

CVE-2026-30691

Cross-Site Scripting XSS vulnerability in @cyntler/react-doc-viewer v1.17.1 allows remote attackers to execute arbitrary JavaScript via a crafted .txt file. The TXTRenderer component fails to sanitize file content and explicitly casts raw data as a ReactNode...

Tinyfilemanager-Wh1Z-Edition - Effortlessly Browse And Manage Your Files With Ease Using Tiny File Manager [WH1Z-Edition], A Compact Single-File PHP File Manager

Introducing Tiny File Manager WH1Z-Edition, the compact and efficient solution for managing your files and folders with enhanced privacy and security features. Gone are the days of relying on external resources – I've stripped down the code to its core, making it truly lightweight and perfect for...

CVE-2010-4025

Unspecified vulnerability in Doc Viewer in HP Palm webOS 1.4.1 allows remote attackers to execute arbitrary code via a crafted document, as demonstrated by a Word document...

Design/Logic Flaw

Unspecified vulnerability in Doc Viewer in HP Palm webOS 1.4.1 allows remote attackers to execute arbitrary code via a crafted document, as demonstrated by a Word document...

CVE-2010-4025

CVE-2010-4025 affects Palm webOS 1.4.1's Doc Viewer. A crafted Word document could allow remote code execution. HP’s security bulletin HPSBMI02573 rev.1 recommends updating to webOS 1.4.5+ (or later) to mitigate; until then, avoid untrusted Word docs. The HP bulletin lists CVSS v2 base 6.8 (AV:L/...

CVE-2010-4025

Unspecified vulnerability in Doc Viewer in HP Palm webOS 1.4.1 allows remote attackers to execute arbitrary code via a crafted document, as demonstrated by a Word document...

HPSBMI02573 SSRT100227 rev.1 - Palm webOS, webOS Doc Viewer, Execution of Arbitrary Code

Potential Security Impact Execution of arbitrary code VULNERABILITY SUMMARY A potential security vulnerability has been identified with Palm webOS Doc Viewer. This vulnerability could be exploited to execute arbitrary code. RESOLUTION The vulnerability can be resolved by updating affected devices...