4 matches found
EUVD-2025-198083
The comment editing template dzz/comment/template/editform.htm in DzzOffice 2.3.x lacks adequate security escaping for user-controllable data in multiple contexts, including HTML and JavaScript strings. This allows low-privilege attackers to construct comment content or request parameters and...
DzzOffice 安全漏洞
DzzOffice is a platform from Big Desk DzzOffice that provides online collaborative office suite functionality. It provides online documents, forms, webstores, presentations, and other features. A security vulnerability exists in DzzOffice version 2.3.x. The vulnerability stems from a comment...
PT-2025-47383
Name of the Vulnerable Software and Affected Versions DzzOffice versions 2.3.x Description The comment editing template in DzzOffice does not properly sanitize user-supplied data when handling HTML and JavaScript strings. This allows a low-privilege attacker to inject and execute arbitrary...
Easypush Server Manager Persistent Xss Vulnerability
No description provided by source. Name : Easypush Server Manager Persistent Xss Vulnerability Date : Sept,1 2010 Vendor Url : http://deeproot.in/ Author : Sid3^effects aKa HaRi shellc99atyahoo.com Big hugs : Th3 RDX,Hananbutt special thanks to : r0073r inj3ct0r.com,L0rd...