Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS in the rendering of Mustache navigation templates when user-controlled values are interpolated into the href attribute without proper URL scheme validation. An attacker can execute arbitrary JavaScript in the...

Open Redirect

rdiffweb is vulnerable to open redirect. The vulnerability exists because hyperlinks are not properly validated in the library which allows an attacker to inject a malicious link and send a phishing email invitation to users...

CVE-2018-8316

A remote code execution vulnerability exists when Internet Explorer improperly validates hyperlinks before loading executable libraries, aka "Internet Explorer Remote Code Execution Vulnerability." This affects Internet Explorer 11, Internet Explorer 10...

Microsoft Internet Explorer Remote Code Execution Vulnerability (CNVD-2018-16846)

Internet Explorer is a web browser from Microsoft. A remote code execution vulnerability exists in Microsoft Internet Explorer. The vulnerability stems from the program not properly validating hyperlinks before loading executable libraries. A remote attacker could exploit the vulnerability to...