9 matches found
EUVD-2025-29217
Malicious code in bioql PyPI...
CVE-2025-58172
drawnix is an all in one open-source whiteboard tool. In drawnix versions through 0.2.1, a cross-site scripting XSS vulnerability exists in the debug logging functionality. User controlled content is inserted directly into the DOM via innerHTML without sanitization when the global function...
CVE-2025-58172
drawnix is an all in one open-source whiteboard tool. In drawnix versions through 0.2.1, a cross-site scripting XSS vulnerability exists in the debug logging functionality. User controlled content is inserted directly into the DOM via innerHTML without sanitization when the global function...
CVE-2025-58172 drawnix debug logging cross-site scripting vulnerability
drawnix is an all in one open-source whiteboard tool. In drawnix versions through 0.2.1, a cross-site scripting XSS vulnerability exists in the debug logging functionality. User controlled content is inserted directly into the DOM via innerHTML without sanitization when the global function...
CVE-2025-58172 drawnix debug logging cross-site scripting vulnerability
drawnix is an all in one open-source whiteboard tool. In drawnix versions through 0.2.1, a cross-site scripting XSS vulnerability exists in the debug logging functionality. User controlled content is inserted directly into the DOM via innerHTML without sanitization when the global function...
CVE-2025-58172 drawnix debug logging cross-site scripting vulnerability
drawnix is an all in one open-source whiteboard tool. In drawnix versions through 0.2.1, a cross-site scripting XSS vulnerability exists in the debug logging functionality. User controlled content is inserted directly into the DOM via innerHTML without sanitization when the global function...
CVE-2025-58172
The CVE-2025-58172 issue affects drawnix versions through 0.2.1, where the debug logging logger inserts untrusted content directly into the DOM via innerHTML without sanitization (in apps/web/src/app/app.tsx). The root cause is unsanitized user-controlled data being written to the DOM through the...
drawnix 跨站脚本漏洞
drawnix is a whiteboard tool from plait-board open source. A cross-site scripting vulnerability exists in drawnix 0.2.1 and earlier versions, which stems from not cleaning up user input and inserting it directly into the DOM via innerHTML, which may lead to cross-site scripting attacks...
PT-2025-37726
Name of the Vulnerable Software and Affected Versions: drawnix versions through 0.2.1 Description: drawnix is an all-in-one open-source whiteboard tool. A cross-site scripting XSS issue exists in the debug logging functionality. User-controlled content is inserted directly into the DOM via...