10 matches found
PySpector 跨站脚本漏洞
PySpector is a high-performance Python static security analysis framework developed by Tommaso Bona. Versions of PySpector 0.1.6 and earlier contained a cross-site scripting vulnerability. This vulnerability stemmed from a storage-based cross-site scripting mechanism in the HTML report generator,...
Stored XSS in PySpector HTML Report Generation leads to Javascript Code Execution
Summary PySpector versions = 0.1.6 are affected by a stored Cross-Site Scripting XSS vulnerability in the HTML report generator. When PySpector scans a Python file containing JavaScript payloads i.e. inside a string passed to eval , the flagged code snippet is interpolated into the HTML report...
CVE-2024-0720
A vulnerability, which was classified as problematic, was found in FactoMineR FactoInvestigate up to 1.9. Affected is an unknown function of the component HTML Report Generator. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been...
CVE-2024-0720
A vulnerability, which was classified as problematic, was found in FactoMineR FactoInvestigate up to 1.9. Affected is an unknown function of the component HTML Report Generator. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been...
CVE-2024-0720
A vulnerability, which was classified as problematic, was found in FactoMineR FactoInvestigate up to 1.9. Affected is an unknown function of the component HTML Report Generator. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been...
Cross site scripting
A vulnerability, which was classified as problematic, was found in FactoMineR FactoInvestigate up to 1.9. Affected is an unknown function of the component HTML Report Generator. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been...
CVE-2024-0720
CVE-2024-0720 affects FactoMineR FactoInvestigate up to version 1.9, with the HTML Report Generator component vulnerable to cross-site scripting. The vulnerability is triggered in the HTML Report Generator, can be exploited remotely, and the exploit has been disclosed publicly. Reports from multi...
CVE-2024-0720 FactoMineR FactoInvestigate HTML Report Generator cross site scripting
A vulnerability, which was classified as problematic, was found in FactoMineR FactoInvestigate up to 1.9. Affected is an unknown function of the component HTML Report Generator. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been...
CVE-2024-0720 FactoMineR FactoInvestigate HTML Report Generator cross site scripting
A vulnerability, which was classified as problematic, was found in FactoMineR FactoInvestigate up to 1.9. Affected is an unknown function of the component HTML Report Generator. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been...
PT-2024-15779 · Unknown · Factominer Factoinvestigate
Name of the Vulnerable Software and Affected Versions: FactoMineR FactoInvestigate versions up to 1.9 Description: A problematic vulnerability was found in the HTML Report Generator component of FactoMineR FactoInvestigate, leading to cross-site scripting. The manipulation can be launched remotel...