EUVD-2024-36332

Malicious code in bioql PyPI...

MAL-2025-23067 Malicious code in imagelink (npm)

The package imagelink was found to contain malicious code...

Malicious code in imagelink (npm)

The package imagelink was found to contain malicious code...

CVE-2024-36043

questionimage.ts in SurveyJS Form Library before 1.10.4 allows contentMode=youtube XSS via the imageLink property...

CVE-2024-34831

cross-site scripting XSS vulnerability in Gibbon Core v26.0.00 allows an attacker to execute arbitrary code via the imageLink parameter in the librarymanagecatalogeditProcess.php component...

CVE-2024-34831

cross-site scripting XSS vulnerability in Gibbon Core v26.0.00 allows an attacker to execute arbitrary code via the imageLink parameter in the librarymanagecatalogeditProcess.php component...

Gibbon 安全漏洞

Gibbon is a school platform from the Gibbon team that solves real-world problems that educators encounter every day. A security vulnerability exists in Gibbon version v26.0.00, which stems from the presence of a cross-site scripting XSS vulnerability that allows attackers to execute arbitrary cod...

CVE-2024-34831

cross-site scripting XSS vulnerability in Gibbon Core v26.0.00 allows an attacker to execute arbitrary code via the imageLink parameter in the librarymanagecatalogeditProcess.php component...

CVE-2024-34831

CVE-2024-34831 concerns a cross-site scripting (XSS) flaw in Gibbon Core v26.0.00, where the attacker can inject scripts via the imageLink parameter in the library_manage_catalog_editProcess.php component. Public sources consistently identify the vulnerable element as the imageLink field in the L...

Cross Site Scripting (XSS)

survey-core is vulnerable to Cross Site Scripting XSS. The vulnerability is due to insufficient sanitization of the imageLink property in questionimage.ts, which allows an attacker to execute malicious scripts via setting contentMode=youtube...

CVE-2024-36043

questionimage.ts in SurveyJS Form Library before 1.10.4 allows contentMode=youtube XSS via the imageLink property...

CVE-2024-36043

questionimage.ts in SurveyJS Form Library before 1.10.4 allows contentMode=youtube XSS via the imageLink property...

CVE-2024-36043

questionimage.ts in SurveyJS Form Library before 1.10.4 allows contentMode=youtube XSS via the imageLink property...

CVE-2024-36043

questionimage.ts in SurveyJS Form Library before 1.10.4 allows contentMode=youtube XSS via the imageLink property...

CVE-2024-36043

The CVE-2024-36043 issue affects SurveyJS Form Library prior to 1.10.4, where question_image.ts allows a contentMode=youtube XSS through the imageLink property. The documented impact is Cross Site Scripting via imageLink, requiring contentMode=youtube to exploit. Mitigation: upgrade to version 1....

SurveyJS Form Library 安全漏洞

SurveyJS Form Library is a free client-side component of SurveyJS open source using the MIT license. A security vulnerability exists in SurveyJS Form Library versions prior to 1.10.4 that stems from allowing cross-site scripting attacks via the imageLink attribute...

imagelink.uniden.com Cross Site Scripting vulnerability OBB-2143122

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...