Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2025-21704

Malicious code in bioql PyPI...

5.3CVSS6.3AI score0.00537EPSS
Exploits0References9
RedhatCVE
RedhatCVEadded 2025/07/18 1:58 p.m.2 views

CVE-2025-53892

Vue I18n is the internationalization plugin for Vue.js. The escapeParameterHtml: true option in Vue I18n is designed to protect against HTML/script injection by escaping interpolated parameters. However, starting in version 9.0.0 and prior to versions 9.14.5, 10.0.8, and 11.1.0, this setting fail...

5.3CVSS6.5AI score0.00537EPSS
Exploits0References1
Github Security Blog
Github Security Blogadded 2025/07/16 7:32 p.m.8 views

vue-i18n's escapeParameterHtml does not prevent DOM-based XSS through its tag attributes

Summary The escapeParameterHtml: true option in Vue I18n is designed to protect against HTML/script injection by escaping interpolated parameters. However, this setting fails to prevent execution of certain tag-based payloads, such as , if the interpolated value is inserted inside an HTML context...

5.3CVSS5.2AI score0.00537EPSS
Exploits0References10Affected Software5
OSV
OSVadded 2025/07/16 1:42 p.m.2 views

CVE-2025-53892 Intlify Vue I18n's escapeParameterHtml does not prevent DOM-based XSS via tag attributes like onerror

Vue I18n is the internationalization plugin for Vue.js. The escapeParameterHtml: true option in Vue I18n is designed to protect against HTML/script injection by escaping interpolated parameters. However, starting in version 9.0.0 and prior to versions 9.14.5, 10.0.8, and 11.1.0, this setting fail...

5.3CVSS6.4AI score0.00537EPSS
Exploits0References10
Cvelist
Cvelistadded 2025/07/16 1:42 p.m.100 views

CVE-2025-53892 Intlify Vue I18n's escapeParameterHtml does not prevent DOM-based XSS via tag attributes like onerror

Vue I18n is the internationalization plugin for Vue.js. The escapeParameterHtml: true option in Vue I18n is designed to protect against HTML/script injection by escaping interpolated parameters. However, starting in version 9.0.0 and prior to versions 9.14.5, 10.0.8, and 11.1.0, this setting fail...

5.3CVSS0.00537EPSS
Exploits0References8
CVE
CVEadded 2025/07/16 1:42 p.m.15 views

CVE-2025-53892

CVE-2025-53892 (Vue I18n) describes a DOM-based XSS in the Vue I18n escapeParameterHtml: true option. Vulnerability occurs when interpolated parameters are rendered inside HTML via v-html, allowing tag-based payloads (e.g., ) to execute in versions before fixes. The advisory notes affected ranges...

5.3CVSS6.1AI score0.00537EPSS
Exploits0References8
Vulnrichment
Vulnrichmentadded 2025/07/16 1:42 p.m.2 views

CVE-2025-53892 Intlify Vue I18n's escapeParameterHtml does not prevent DOM-based XSS via tag attributes like onerror

Vue I18n is the internationalization plugin for Vue.js. The escapeParameterHtml: true option in Vue I18n is designed to protect against HTML/script injection by escaping interpolated parameters. However, starting in version 9.0.0 and prior to versions 9.14.5, 10.0.8, and 11.1.0, this setting fail...

5.3CVSS5.9AI score0.00537EPSS
Exploits0References8
Rows per page
Query Builder