CVE-2025-7760

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Ofisimo Web-Based Software Technologies Association Web Package Flora allows XSS Through HTTP Headers.This issue affects Association Web Package Flora: from v3.0 through 03022026. NOTE: The...

Malicious code in flora-3mdfo-zp4v0-iceberg-project (npm)

The package flora-3mdfo-zp4v0-iceberg-project was found to contain malicious code...

MAL-2025-20708 Malicious code in flora-6evw8-5gm76-indigo-project (npm)

The package flora-6evw8-5gm76-indigo-project was found to contain malicious code...