22 matches found
EUVD-2021-25584
Malware in sbrugna...
EUVD-2024-28051
Malicious code in bioql PyPI...
EUVD-2024-28049
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-39202
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions the widgets edito...
CVE-2024-30115
Insufficient sanitization policy in HCL Leap allows client-side script injection in the deployed application through the HTML widget...
CVE-2024-30115
Insufficient sanitization policy in HCL Leap allows client-side script injection in the deployed application through the HTML widget...
CVE-2024-30115
Insufficient sanitization policy in HCL Leap allows client-side script injection in the deployed application through the HTML widget...
CVE-2024-30115 HCL Domino Volt and Domino Leap are affected by a cross-site scripting (XSS) vulnerability
Insufficient sanitization policy in HCL Leap allows client-side script injection in the deployed application through the HTML widget...
PT-2025-18336 · Hcl · Hcl Leap
Name of the Vulnerable Software and Affected Versions: HCL Leap (affected versions not specified). Description: The issue is related to an insufficient sanitization policy, which allows client-side script injection in the deployed application. This can be achieved through the HTML widget...
CVE-2024-30113
Insufficient sanitization policy in HCL Leap allows client-side script injection in the deployed application through the HTML widget...
CVE-2024-30113
Insufficient sanitization policy in HCL Leap allows client-side script injection in the deployed application through the HTML widget...
CVE-2024-30113
The CVE-2024-30113 issue affects HCL Leap, specifically the HTML widget, where insufficient sanitization policy enables client-side script injection. The problem is described across multiple connected records as an XSS risk in HCL Leap’s deployment, without explicit exploitation details provided....
CVE-2024-30113 HCL Leap is affected by a cross-site scripting (XSS) vulnerability
Insufficient sanitization policy in HCL Leap allows client-side script injection in the deployed application through the HTML widget...
PT-2025-17844 · Hcl · Hcl Leap
Name of the Vulnerable Software and Affected Versions: HCL Leap (affected versions not specified). Description: The issue is related to an insufficient sanitization policy in HCL Leap, which allows client-side script injection in the deployed application through the HTML widget. Recommendations: At...
Fast Flow < 1.2.13 - Admin+ Stored Cross-Site Scripting
The plugin does not sanitise and escape some of its Widget settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). Create/edit a dashboard with an HTML widget...
CVE-2021-39202
WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions the widgets editor introduced in WordPress 5.8 beta 1 has improper handling of HTML input in the Custom HTML feature. This leads to stored XSS in the cust...
Double free
WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions the widgets editor introduced in WordPress 5.8 beta 1 has improper handling of HTML input in the Custom HTML feature. This leads to stored XSS in the cust...
CVE-2021-39202
WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions the widgets editor introduced in WordPress 5.8 beta 1 has improper handling of HTML input in the Custom HTML feature. This leads to stored XSS in the cust...
PT-2021-4498 · WordPress · Wordpress
Name of the Vulnerable Software and Affected Versions: WordPress versions 5.8 beta 1 through 5.8. Description: The issue is related to improper handling of HTML input in the Custom HTML feature of the widgets editor, introduced in WordPress 5.8 beta 1. This leads to stored XSS in the custom HTML...
WordPress Plugin Cross-Site Scripting Vulnerability
WordPress is a PHP, MySQL and JavaScript based project and uses Node as its JavaScript dependency. A native development environment is available for getting up and running quickly. An XSS vulnerability exists in WordPress in version 5.8 beta 1, which is related to the affected version not properl...