Lucene search
K

275 matches found

OSV
OSV
added 2025/12/19 7:17 p.m.2 views

GHSA-72MH-HGPM-6384 Orejime has executable code in HTML attributes

Impact On HTML elements handled by Orejime, one could run malicious code by embedding javascript: code within data attributes. When consenting to the related purpose, Orejime would turn data attributes into unprefixed ones i.e. data-href into href, thus executing the code. This shouldn't have any...

6.1CVSS6.9AI score0.00183EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/11/10 9:37 p.m.2 views

CVE-2025-64501 ProsemirrorToHtml: Cross-Site Scripting vulnerability through unescaped HTML attribute values

ProsemirrorToHtml is a JSON converter which takes ProseMirror-compatible JSON and outputs HTML. In versions 0.2.0 and below, the prosemirrortohtml gem is vulnerable to Cross-Site Scripting XSS attacks through malicious HTML attribute values. While tag content is properly escaped, attribute values...

7.6CVSS5.3AI score0.00192EPSS
Exploits0References2
Snyk
Snyk
added 2025/11/06 3:44 p.m.3 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS due to improper escaping of HTML attribute values. An attacker can execute arbitrary JavaScript in the context of a user's browser by injecting malicious HTML attribute values into user-generated content...

7.6CVSS5.3AI score0.00192EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/22 7:38 p.m.20 views

EUVD-2025-35364

Vert.x-Web vulnerable to Stored Cross-site Scripting in directory listings via file names...

2.3CVSS5.9AI score0.00265EPSS
Exploits1References3
NVD
NVD
added 2025/10/22 3:15 p.m.11 views

CVE-2025-11966

In Eclipse Vert.x versions 4.0.0, 4.5.21 and 5.0.0, 5.0.4, when "directory listing" is enabled, file and directory names are inserted into generated HTML without proper escaping in the href, title, and link attributes. An attacker who can create or rename files or directories within a served path...

6.4CVSS0.00265EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/10/22 2:44 p.m.4 views

CVE-2025-11966

In Eclipse Vert.x versions 4.0.0, 4.5.21 and 5.0.0, 5.0.4, when "directory listing" is enabled, file and directory names are inserted into generated HTML without proper escaping in the href, title, and link attributes. An attacker who can create or rename files or directories within a served path...

2.3CVSS5.2AI score0.00265EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2005-1890

Malware in sbrugna...

4.3CVSS6.1AI score0.0121EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2007-5776

Malware in sbrugna...

4.3CVSS6.4AI score0.01313EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-9502

Malware in sbrugna...

6.1CVSS6.3AI score0.00655EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.10 views

EUVD-2021-1654

Malware in sbrugna...

6.1CVSS7.7AI score0.01513EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-0188

Malware in sbrugna...

6.1CVSS7.1AI score0.01984EPSS
Exploits0References15
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2009-1709

Malware in sbrugna...

4.3CVSS6.1AI score0.02657EPSS
Exploits2References17
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2011-1947

Malware in sbrugna...

4.3CVSS6.4AI score0.01141EPSS
Exploits2References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2021-1756

Malware in sbrugna...

4.8CVSS4.9AI score0.00557EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2015-6119

Malware in sbrugna...

4.3CVSS6.1AI score0.10826EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 2025/10/06 12:0 a.m.8 views

PT-2025-40854

Name of the Vulnerable Software and Affected Versions Responsive Lightbox & Gallery WordPress plugin versions prior to 2.5.3 Description The software does not properly handle HTML tag attribute modifications, which could allow unauthenticated attackers to include event handlers and conduct Stored...

6.3CVSS5.2AI score0.00199EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-27013

Malicious code in bioql PyPI...

6.1CVSS4.8AI score0.00568EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-3458

Malicious code in bioql PyPI...

5.3CVSS5.6AI score0.00574EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-42540

Malicious code in bioql PyPI...

8.2CVSS6.5AI score0.00705EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-32972

Malicious code in bioql PyPI...

7.3CVSS6.3AI score0.01037EPSS
Exploits0References4
Rows per page
Query Builder