5 matches found
Memory Allocation with Excessive Size Value
Overview: github.com/gofiber/fiber/v3 is an Express-inspired web framework written in Go. Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value via the parseAndClearFlashMessages function. An attacker can cause excessive memory allocation by sending a...
Reflective Cross-site Scripting Vulnerability in twitter-bootstrap-rails
The twitter-bootstrap-rails Gem for Rails contains a flaw that enables a reflected cross-site scripting (XSS) attack. This flaw exists because the bootstrap_flash helper method does not validate input when handling flash messages before returning it to users. This may allow a context-dependent...
Cross-Site Scripting (XSS)
Invenio is vulnerable to cross-site scripting (XSS). It is exploitable because the search flash messages are not displayed as HTML by default...
Cross-Site Scripting (XSS)
Invenio is vulnerable to cross-site scripting (XSS) attacks. It is exploitable because the main flash messages are displayed as HTML by default...
Reflective XSS Vulnerability in twitter-bootstrap-rails
The twitter-bootstrap-rails Gem for Rails contains a flaw that enables a reflected cross-site scripting (XSS) attack. This flaw exists because the bootstrap_flash helper method does not validate input when handling flash messages before returning it to users. This may allow a context-dependent...