Stored Cross-Site Scripting (XSS)

n8n is vulnerable to Stored Cross-Site Scripting XSS. The vulnerability is due to improper sandbox enforcement when the “Respond to Webhook” node returns HTML content with executable scripts, which allows an attacker with workflow creation privileges to execute arbitrary JavaScript in the context...

EUVD-2010-3694

Malware in sbrugna...

EUVD-2022-38455

Malicious code in bioql PyPI...

Cross-site Scripting (XSS)

froxlor/froxlor is vulnerable to Cross-site Scripting XSS. The vulnerability exists because the markdown syntax in the customnotes field is improperly sanitized which allows an attacker to inject and execute html scripts...

FreeBSD : mailman -- hardening against malicious listowners injecting evil HTML scripts (739948e3-78bf-11e8-b23c-080027ac955c)

Mark Sapiro reports : Existing protections against malicious listowners injecting evil scripts into listinfo pages have had a few more checks added. A few more error messages have had their values HTML escaped. The hash generated when SUBSCRIBEFORMSECRET is set could have been the same as one...

CVE-2018-1136

An issue was discovered in Moodle 3.x. An authenticated user is allowed to add HTML blocks containing scripts to their Dashboard; this is normally not a security issue because a personal dashboard is visible to this user only. Through this security vulnerability, users can move such a block to...

CVE-2012-4579

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 3.5.x before 3.5.2.2 allow remote authenticated users to inject arbitrary web script or HTML via a Table Operations 1 TRUNCATE or 2 DROP link for a crafted table name, 3 the Add Trigger popup within a Triggers page that references...

Ez Album Persistent Cross Site Scripting

/ Ez Album XSS Script Injection Vulnerability Discovered by : MizoZ Contact : [email protected] Date : July 29 2009 Greetings : Moudi , Zuka, All friends / We can inject HTML Scripts from the add comment , not in the comment but in the name input . exemple :...

CVE-2002-0618

The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code in the Local Computer zone by embedding HTML scripts within an Excel workbook that contains an XSL stylesheet, aka "Excel XSL Stylesheet Script Execution"...

CVE-2002-0618

The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code in the Local Computer zone by embedding HTML scripts within an Excel workbook that contains an XSL stylesheet, aka "Excel XSL Stylesheet Script Execution"...

security bug Internet Explorer 5

There is a security bug in the Internet Explorer 5 I haven't tested it on other browsers. It is possible to read some textfiles others than cookies from the client's hard disk. If there is for example in the directory 'C:WINNT' a textfile 'test.txt' with content: us="stefaan" passwd="mypasswd" th...