8 matches found
The vulnerability of the <img> tag in QML and Qt Quick for Qt6 Declarative allows a attacker to cause a service failure.
The vulnerability of the tag in QML and Qt Quick for Qt6 is related to the provision of unlimited memory. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
CVE-2026-30830
Summary of technical details (Defuddle CVE-2026-30830): The vulnerability arises in the findContentBySchemaText path of Defuddle (src/defuddle.ts) where image src and alt attributes are interpolated into HTML via a string template without escaping. If the image’s alt attribute contains a quotatio...
EUVD-2020-7667
Malware in sbrugna...
OpenBB 1.0.x Image Tag Cross-Agent Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4171/info OpenBB is web forum software written in PHP. It will run on most Linux and Unix variants, in addition to Microsoft Windows operating systems. OpenBB allows users to include images in forum messages using image...
CVE-2002-0959
Cross-site scripting vulnerability in Splatt Forum 3.0 allows remote attackers to execute arbitrary script as other users via an img tag with a closing quote followed by the script...
PHPBB2 - Image Tag HTML Injection
source: https://www.securityfocus.com/bid/4858/info It is possible to inject arbitrary HTML into phpBB2 forum messages via the use of BBCode image tags. A similar issue is described in Bugtraq ID 4379 "PHPBB Image Tag User-Embedded Scripting Vulnerability". However, phpBB2 was found to not be...
AOL Instant Messenger saves code embedded in image tag to conversation log which could be viewed/executed by a browser
Overview Certain Alpha versions of AOL Instant Messenger AIM, that were leaked, would log errors to a log file. By sending a crafted image file, it may be possible to execute arbitrary script/HTML on a victims browser when they view the log files. Description AOL Instant Messenger has the ability...
Ultimate Bulletin Board
Here is a message I just popped off to infopop about their Ultimate Bulletin Board v5 product. It's not really meant for someone not used to their product. -------------------------------------------------------------------------------- If a user has info stored in a cookie, replies to a message...