Lucene search
+L

4 matches found

Snyk
Snyk
added 2026/06/19 8:47 p.m.5 views

Use After Free

Overview Affected versions of this package are vulnerable to Use After Free in the formattr function when handling JSON object keys of exactly 65,535 bytes with createid enabled. An attacker can cause heap memory corruption and crash the process by supplying a specially crafted JSON payload with ...

8.7CVSS5.9AI score0.00253EPSS
Exploits0References2
Veracode
Veracode
added 2021/03/23 8:47 a.m.10 views

Cross-site Scripting (XSS)

spoon/library is vulnerable to cross-site scripting XSS attacks. A specifically crafted string injected through form attribute placeholders allows remote attackers to execute malicious scripts...

5.7AI score
Exploits0
OSV
OSV
added 2016/12/20 10:59 p.m.51 views

UBUNTU-CVE-2016-5303

Cross-site scripting XSS vulnerability in the Horde Text Filter API in Horde Groupware and Horde Groupware Webmail Edition before 5.2.16 allows remote attackers to inject arbitrary web script or HTML via crafted data:text/html content in a form 1 action or 2 xlink attribute...

6.1CVSS6.5AI score0.01509EPSS
Exploits0References6
FreeBSD
FreeBSD
added 2012/02/22 12:0 a.m.34 views

bugzilla Cross-Site Request Forgery

A Bugzilla Security Advisory reports: The following security issues have been discovered in Bugzilla: Due to a lack of validation of the enctype form attribute when making POST requests to xmlrpc.cgi, a possible CSRF vulnerability was discovered. If a user visits an HTML page with some malicious...

5.1CVSS6.5AI score0.00826EPSS
Exploits0References1
Rows per page
Query Builder