4 matches found
net/url: Incorrect parsing of IPv6 host literals in net/url
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...
CVE-2025-48102
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in gourl GoUrl Bitcoin Payment Gateway & Paid Downloads & Membership gourl-bitcoin-payment-gateway-paid-downloads-membership allows Stored XSS.This issue affects GoUrl Bitcoin Payment Gateway & Paid...
CVE-2025-48102
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in gourl GoUrl Bitcoin Payment Gateway & Paid Downloads & Membership gourl-bitcoin-payment-gateway-paid-downloads-membership allows Stored XSS.This issue affects GoUrl Bitcoin Payment Gateway & Paid...
CVE-2025-48102
CVE-2025-48102 describes a stored XSS in the WordPress plugin GoUrl Bitcoin Payment Gateway & Paid Downloads & Membership versions up to 1.6.6 . The vulnerability arises from improper neutralization of input during web page generation, enabling stored cross-site scripting. Public sources in conne...