Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issue: Mozilla Thunderbird is updated to 140.4. changed: Account Hub is now disabled by default for second email account bmo1992027 changed: Flatpak runtime has been updated to Freedesktop SDK 24.08 bmo1952100 fixed: Users could not read mail...

EUVD-2020-6350

Malware in sbrugna...

GHSA-RRFF-CHJ9-W4C7 Apache JSPWiki Cross-Site Scripting (XSS) Vulnerability via Header Link Rendering

A carefully crafted request when creating a header link using the wiki markup syntax, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Further research by the JSPWiki team showed that the markdown parser allowed this...

Apache JSPWiki Cross-Site Scripting (XSS) Vulnerability via Header Link Rendering

A carefully crafted request when creating a header link using the wiki markup syntax, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Further research by the JSPWiki team showed that the markdown parser allowed this...

CVE-2025-24853

CVE-2025-24853 affects Apache JSPWiki. The issue is a Cross-Site Scripting (XSS) vulnerability in header link processing, caused by unsafely handling header links created via wiki markup (and, per later research, the markdown parser). When exploited, an attacker could cause JavaScript execution i...

CVE-2025-24853 Apache JSPWiki: Cross-Site Scripting (XSS) in JSPWiki Header Link processing

A carefully crafted request when creating a header link using the wiki markup syntax, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Further research by the JSPWiki team showed that the markdown parser allowed this...

CVE-2025-24853 Apache JSPWiki: Cross-Site Scripting (XSS) in JSPWiki Header Link processing

A carefully crafted request when creating a header link using the wiki markup syntax, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Further research by the JSPWiki team showed that the markdown parser allowed this...

CVE-2020-14194

Zulip Server before 2.1.5 allows reverse tabnapping via a topic header link...

IR615 Router 安全漏洞

The IR615 Router is a 4G industrial router from Rimu Technologies, China. The IR615 Router has a security vulnerability that could be exploited by an attacker by sending a link to the administrator to exploit the header, which constitutes the router's management portal and tricks the administrato...

CVE-2020-14194

Zulip Server before 2.1.5 allows reverse tabnapping via a topic header link...