Open WebUI 跨站脚本漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI that is open source. Versions of Open WebUI prior to 0.9.3 had a cross-site scripting vulnerability. This vulnerability stemmed from the XLSX.utils.sheettohtml function, which was rendered using @html excelHtml without...

Highcharts JS Cross-Site Scripting Vulnerability

Highcharts JS is an SVG-based JavaScript charting framework. DOMPurify is a DOM Document Object Model written in JavaScript for HTML, MathML and SVG. A cross-site scripting vulnerability exists in Highcharts JS, which can be exploited by an attacker to execute code in a browser...