16 matches found
EUVD-2007-2280
Malware in sbrugna...
EUVD-2018-19729
Malware in sbrugna...
Malicious code in bfx-ext-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f7cee42d2102a5c9632227caed184c8ba5ceea65b52d16e1aa97946f3eb2120a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-1513 Malicious code in bfx-ext-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f7cee42d2102a5c9632227caed184c8ba5ceea65b52d16e1aa97946f3eb2120a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Cross site scripting
The getTip method of Action Columns of Sencha Ext JS 4 to 6 before 6.6.0 is vulnerable to XSS attacks, even when passed HTML-escaped data. This framework brings no built-in XSS protection, so the developer has to ensure that data is correctly sanitized. However, the getTip method of Action Column...
CVE-2018-8046
The getTip method of Action Columns of Sencha Ext JS 4 to 6 before 6.6.0 is vulnerable to XSS attacks, even when passed HTML-escaped data. This framework brings no built-in XSS protection, so the developer has to ensure that data is correctly sanitized. However, the getTip method of Action Column...
CVE-2018-8046
The getTip method of Action Columns of Sencha Ext JS 4 to 6 before 6.6.0 is vulnerable to XSS attacks, even when passed HTML-escaped data. This framework brings no built-in XSS protection, so the developer has to ensure that data is correctly sanitized. However, the getTip method of Action Column...
CVE-2018-8046
The getTip method of Action Columns of Sencha Ext JS 4 to 6 before 6.6.0 is vulnerable to XSS attacks, even when passed HTML-escaped data. This framework brings no built-in XSS protection, so the developer has to ensure that data is correctly sanitized. However, the getTip method of Action Column...
CVE-2018-8046
The CVE-2018-8046 issue affects Sencha Ext JS 4–6 prior to 6.6.0. The getTip() method in Action Columns unescapes HTML-escaped data, enabling cross-site scripting if tooltips contain user-controlled content. Public information confirms vulnerability details and that a fix was released in 6.6.0 (w...
extjs getTip() Cross Site Scripting Vulnerability
Exploit for jsp platform in category web applications A XSS vulnerability exists in the getTip method of Action Columns. The Ext JS framework brings no built-in XSS protection, meaning that developers are responsible for sanitizing their output. However. the method above takes HTML-escaped data a...
DSA-2882-1 extplorer - security update
Bulletin has no description...
Debian: Security Advisory (DSA-2882-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2007-2285
Directory traversal vulnerability in examples/layout/feed-proxy.php in Jack Slocum Ext 1.0 alpha1 Ext JS allows remote attackers to read arbitrary files via a .. dot dot in the feed parameter. NOTE: analysis by third party researchers indicates that this issue might be platform dependent...
Directory traversal
Directory traversal vulnerability in examples/layout/feed-proxy.php in Jack Slocum Ext 1.0 alpha1 Ext JS allows remote attackers to read arbitrary files via a .. dot dot in the feed parameter. NOTE: analysis by third party researchers indicates that this issue might be platform dependent...
CVE-2007-2285
Directory traversal vulnerability in examples/layout/feed-proxy.php in Jack Slocum Ext 1.0 alpha1 Ext JS allows remote attackers to read arbitrary files via a .. dot dot in the feed parameter. NOTE: analysis by third party researchers indicates that this issue might be platform dependent...
CVE-2007-2285
CVE-2007-2285 affects the Ext JS example component: layout/feed-proxy.php in Jack Slocum Ext 1.0 alpha1. The vulnerability is a directory traversal that allows a remote attacker to read arbitrary files by manipulating the feed parameter via "..". Public sources confirm the same description across...