9 matches found
EUVD-2017-0286
Malware in sbrugna...
CVE-2023-3042
In dotCMS, versions mentioned, a flaw in the NormalizationFilter does not strip double slashes (//) from URLs, potentially enabling bypasses for XSS and access controls. An example affected URL is https://demo.dotcms.com//html/portlet/ext/files/edittextinc.jsp, which should return a 404 response b...
PT-2023-22684 · Dotcms · Dotcms
Name of the Vulnerable Software and Affected Versions: dotCMS versions prior to 23.06; dotCMS versions prior to LTS 22.03.7; dotCMS versions prior to LTS 23.01.4. Description: A flaw in the NormalizationFilter of dotCMS does not strip double slashes (//) from URLs, potentially enabling bypasses for XS...
SUSE CVE-2013-7454
The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via nested forbidden strings...
GHSA-Q4QQ-FM7Q-CWP5 Multiple XSS Filter Bypasses in validator
Versions of validator prior to 1.1.0 are affected by several cross-site scripting vulnerabilities due to bypasses discovered in the blacklist-based filter. Proof of Concept: Various inputs that could bypass the filter were discovered. Improper parsing of nested tags: This is a test. Incomplete...
Cross site scripting
The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via nested forbidden strings...
UBUNTU-CVE-2013-7454
The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via nested forbidden strings...
CVE-2013-7454
Removed by vendor...
CVE-2013-7454
The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via nested forbidden strings...