12 matches found
EUVD-2018-0148
Malware in sbrugna...
Malicious code in ant-galaxy-sti865-project (npm)
The package ant-galaxy-sti865-project was found to contain malicious code...
Galaxy Code Issues Vulnerabilities
Galaxy is an open source platform for FAIR data analysis open-sourced by Galaxy Project. A code issue vulnerability exists in Galaxy versions prior to 22.05 that stems from the presence of a Server Request Forgery SSRF vulnerability. An attacker can exploit this vulnerability to send arbitrary...
GHSA-QQR6-VM23-M488 Galaxy cross-site scripting (XSS)
The Galaxy Project Galaxy version v14.10 contains a CWE-79: Improper Neutralization of Input During Web Page Generation vulnerability in Many templates used in the Galaxy server did not properly sanitize user's input, which would allow for cross-site scripting XSS attacks. In this form of attack,...
Galaxy cross-site scripting (XSS)
The Galaxy Project Galaxy version v14.10 contains a CWE-79: Improper Neutralization of Input During Web Page Generation vulnerability in Many templates used in the Galaxy server did not properly sanitize user's input, which would allow for cross-site scripting XSS attacks. In this form of attack,...
CVE-2018-1000516
The Galaxy Project Galaxy version v14.10 contains a CWE-79: Improper Neutralization of Input During Web Page Generation vulnerability in Many templates used in the Galaxy server did not properly sanitize user's input, which would allow for cross-site scripting XSS attacks. In this form of attack,...
CVE-2018-1000516
The Galaxy Project Galaxy version v14.10 contains a CWE-79: Improper Neutralization of Input During Web Page Generation vulnerability in Many templates used in the Galaxy server did not properly sanitize user's input, which would allow for cross-site scripting XSS attacks. In this form of attack,...
Cross site scripting
The Galaxy Project Galaxy version v14.10 contains a CWE-79: Improper Neutralization of Input During Web Page Generation vulnerability in Many templates used in the Galaxy server did not properly sanitize user's input, which would allow for cross-site scripting XSS attacks. In this form of attack,...
PYSEC-2018-149
The Galaxy Project Galaxy version v14.10 contains a CWE-79: Improper Neutralization of Input During Web Page Generation vulnerability in Many templates used in the Galaxy server did not properly sanitize user's input, which would allow for cross-site scripting XSS attacks. In this form of attack,...
PYSEC-2018-149
The Galaxy Project Galaxy version v14.10 contains a CWE-79: Improper Neutralization of Input During Web Page Generation vulnerability in Many templates used in the Galaxy server did not properly sanitize user's input, which would allow for cross-site scripting XSS attacks. In this form of attack,...
CVE-2018-1000516
The Galaxy Project Galaxy version v14.10 contains a CWE-79: Improper Neutralization of Input During Web Page Generation vulnerability in Many templates used in the Galaxy server did not properly sanitize user's input, which would allow for cross-site scripting XSS attacks. In this form of attack,...
CVE-2018-1000516
CVE-2018-1000516 concerns the Galaxy Project Galaxy version 14.10, where multiple templates fail to properly sanitize user input, enabling cross-site scripting (XSS) via crafted URLs. The root cause is CWE-79 Improper Neutralization of Input During Web Page Generation, allowing injected JavaScrip...