Improper Input Encoding

Axios is vulnerable to Improper Input Encoding. The vulnerability is due to incorrect character mapping in the encode function, where safely percent-encoded null bytes %00 are converted back to raw null bytes, potentially leading to unsafe request data handling in affected usage scenarios...

BIT-GITLAB-2025-2254 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 17.9 before 17.10.8, 17.11 before 17.11.4, and 18.0 before 18.0.2. Improper output encoding in the snipper viewer functionality lead to Cross-Site scripting attacks...

Cross-site Scripting (XSS)

codingms/additional-tca is vulnerable to cross-site scripting XSS. The vulnerability is due to improper input encoding due to a logged-in backend user being able to inject HTML content through the TYPO3 backend user interface, leading to potential XSS attacks...

TYPO3 信息泄露漏洞

TYPO3 is a free and open source content management system framework CMS/CMF from the Swiss TYPO3 Typo3 association.TYPO3 has an information disclosure vulnerability that stems from a failure to properly encode user input, which could be exploited by an attacker to obtain sensitive data for API...