Lucene search
K

9 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-0695

Malicious code in bioql PyPI...

6.1CVSS4.7AI score0.0053EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/05/22 12:58 a.m.5 views

CVE-2016-15025

A vulnerability, which was classified as problematic, was found in generator-hottowel 0.0.11. Affected is an unknown function of the file app/templates/src/server/app.js of the component 404 Error Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotel...

6.1CVSS6.2AI score0.0053EPSS
Exploits0References1
Veracode
Veracode
added 2023/02/27 12:16 p.m.31 views

Reflected Cross-site Scripting (XSS)

generator-hottowel is vulnerable to Reflected Cross-site Scripting XSS attacks. The library does not properly handle invalid calls to assets as it uses a custom 404 response object, allowing an attacker to inject and execute JavaScript through the app.use function in app/templates/src/server/app....

6.1CVSS2.1AI score0.0053EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2023/02/20 12:30 p.m.32 views

generator-hottowel Cross-site Scripting vulnerability

A vulnerability, which was classified as problematic, was found in generator-hottowel 0.0.11. Affected is an unknown function of the file app/templates/src/server/app.js of the component 404 Error Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotel...

6.1CVSS2.2AI score0.0053EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2023/02/20 12:30 p.m.18 views

GHSA-F8HV-RX9P-F9R4 generator-hottowel Cross-site Scripting vulnerability

A vulnerability, which was classified as problematic, was found in generator-hottowel 0.0.11. Affected is an unknown function of the file app/templates/src/server/app.js of the component 404 Error Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotel...

6.1CVSS6AI score0.0053EPSS
Exploits0References6
Cvelist
Cvelist
added 2023/02/20 9:31 a.m.26 views

CVE-2016-15025 generator-hottowel 404 Error _app.js cross site scripting

A vulnerability, which was classified as problematic, was found in generator-hottowel 0.0.11. Affected is an unknown function of the file app/templates/src/server/app.js of the component 404 Error Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotel...

4CVSS6AI score0.0053EPSS
Exploits0References4
CVE
CVE
added 2023/02/20 9:31 a.m.47 views

CVE-2016-15025

The CVE-2016-15025 entry concerns generator-hottowel 0.0.11. Affected is an unknown function in app/templates/src/server/_app.js (404 Error Handler). The issue allows cross-site scripting and can be exploited remotely. A patch named c17092fd4103143a9ddab93c8983ace8bf174396 is available; applying ...

6.1CVSS4.7AI score0.0053EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2023/02/20 12:0 a.m.4 views

PT-2023-10344 · Unknown · Generator-Hottowel

Name of the Vulnerable Software and Affected Versions: generator-hottowel version 0.0.11 Description: A problematic issue was found in the 404 Error Handler component, specifically in the file app/templates/src/server/ app.js. This issue leads to cross-site scripting and can be exploited remotely...

6.1CVSS4.2AI score0.0053EPSS
Exploits0References9
CNNVD
CNNVD
added 2023/02/20 12:0 a.m.3 views

generator-hottowel 跨站脚本漏洞

generator-hottowel is a Yo generator by John Papa Personal Developer. Angular applications are created with HotTowel. A cross-site scripting vulnerability exists in generator-hottowel version 0.0.11, which stems from an issue with unknown functionality in the file app/templates/src/server/app.js ...

6.1CVSS4.6AI score0.0053EPSS
Exploits0References6
Rows per page
Query Builder