26 matches found
CVE-2023-49926
app/Lib/Tools/EventTimelineTool.php in MISP before 2.4.179 allows XSS in the event timeline widget...
EUVD-2023-53821
Malicious code in bioql PyPI...
CVE-2025-6269

creationtimestamp | type | source
---|---|---
2025-06-19 16:45:42+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/18870
2025-06-19 19:41:20+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lrybqzhtkg25...

CVE-2025-23845

creationtimestamp | type | source
---|---|---
2025-02-17 11:43:18+00:00 | seen | https://infosec.exchange/users/cve/statuses/114019047674107538
2025-02-17 12:15:47+00:00 | seen | https://bsky.app/profile/cve-notifications.bsky.social/post/3liepxywjc72y
2025-02-17 14:02:10+00:00 | seen | ...

CVE-2025-24811

creationtimestamp | type | source
---|---|---
2025-02-11 11:09:33+00:00 | seen | https://infosec.exchange/users/cve/statuses/113984941120195910
2025-02-11 11:16:17+00:00 | seen | https://bsky.app/profile/cve-notifications.bsky.social/post/3lhvju3nrrt2i
2025-02-11 12:32:31+00:00 | seen | ...

CVE-2023-21563

creationtimestamp | type | source
---|---|---
2024-12-31 20:58:19+00:00 | seen | https://bsky.app/profile/hackingne.ws/post/3lemws6n4vd2r
2025-01-01 19:08:33+00:00 | published-proof-of-concept | https://t.me/itsecnews/5076
2025-01-04 08:39:32+00:00 | seen | ...

CVE-2024-0224

creationtimestamp | type | source
---|---|---
2024-01-04 03:31:47+00:00 | seen | https://t.me/ctinow/162749
2024-01-06 00:31:30+00:00 | seen | https://t.me/ctinow/163779
2024-01-23 23:56:52+00:00 | seen | https://t.me/ctinow/172416...

PT-2023-31413 · Misp · Misp
Name of the Vulnerable Software and Affected Versions: MISP versions prior to 2.4.179
Description: The issue allows for XSS in the event timeline widget. This is due to a problem in the app/Lib/Tools/EventTimelineTool.php file.
Recommendations: For versions prior to 2.4.179, update to version...
SUSE CVE-2014-1565
The mozilla::dom::AudioEventTimeline function in the Web Audio API implementation in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 does not properly create audio timelines, which allows remote attackers to obtain sensitive information from process...
GitLab security vulnerability
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD (continuous integration and continuous delivery), and other features. A security vulnerability exists in GitLab Community Edition (CE) and GitLab...
CVE-2022-1324
The Event Timeline WordPress plugin through 1.1.5 does not sanitize and escape Timeline Text, which could allow high-privileged users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed...
Cross site scripting
The Event Timeline WordPress plugin through 1.1.5 does not sanitize and escape Timeline Text, which could allow high-privileged users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed...
CVE-2022-1324
CVE-2022-1324 affects the WordPress Event Timeline plugin (versions
PT-2022-13798 · WordPress · Event Timeline Wordpress Plugin
Name of the Vulnerable Software and Affected Versions: Event Timeline WordPress plugin versions 1.1.5 and earlier
Description: The issue allows high-privileged users, such as admins, to perform Cross-Site Scripting attacks due to the lack of sanitization and escaping of Timeline Text, even when...
WordPress plugin Event Timeline cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...
Event Timeline <= 1.1.6 - Admin+ Stored Cross-Site Scripting
The plugin does not sanitize and escape Timeline Text, which could allow high-privileged users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed.
PoC: Create/edit a Timeline, put the following payload in the "Text" field at the bottom: Click save below the...
Event Timeline <= 1.1.6 - Admin+ Stored Cross-Site Scripting
The plugin does not sanitize and escape Timeline Text, which could allow high-privileged users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed.
Create/edit a Timeline, put the following payload in the "Text" field at the bottom: alert/XSS/ Click save...
WordPress Event Timeline plugin <= 1.1.6 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting (XSS) vulnerability discovered by Fayçal CHENA in WordPress Event Timeline plugin versions <= 1.1.6.
Solution: No patched version available...