EUVD-2026-29694

Improper neutralization of script-related html tags in a web page basic xss in Visual Studio Code allows an unauthorized attacker to execute code locally...

DivvyDrive 安全漏洞

DivvyDrive is a file storage and sharing management platform developed by DivvyDrive Inc. in Turkey. Versions of DivvyDrive from 4.8.2.9 to 4.8.3.2 contained security vulnerabilities. These vulnerabilities were caused by improper use of HTML tags related to scripts in web pages, which could lead ...

CVE-2025-58970

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in AmentoTech Doctreat doctreat allows Code Injection.This issue affects Doctreat: from n/a through = 1.6.7...

EUVD-2025-3977

Malicious code in bioql PyPI...

EUVD-2022-38723

Malicious code in bioql PyPI...

CVE-2025-24892

OpenProject is open-source, web-based project management software. In versions prior to 15.2.1, the application fails to properly sanitize user input before displaying it in the Group Management section. Groups created with HTML script tags are not properly escaped before rendering them in a...

CVE-2025-24892

CVE-2025-24892 affects OpenProject prior to 15.2.1, where the Group Management UI fails to sanitize user input, allowing HTML/script content in groups to be rendered in a project (stored HTML injection). The issue is resolved in OpenProject 15.2.1. If upgrading isn’t possible, a patch is availabl...

PT-2025-6068 · Unknown · Openproject

Name of the Vulnerable Software and Affected Versions: OpenProject versions prior to 15.2.1 Description: The issue arises from the application's failure to properly sanitize user input before displaying it in the Group Management section. Specifically, groups created with HTML script tags are not...