Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2025/04/16 5:13 p.m.23 views

CVE-2025-22872 Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net

The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character / as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content...

6.5AI score0.00478EPSS
Exploits0References4
CVE
CVE
added 2025/04/16 5:13 p.m.308 views

CVE-2025-22872

CVE-2025-22872 involves the HTML tokenizer and related parsing logic where unquoted attribute values ending with a slash (/) are misinterpreted as self-closing tags. This only affects tags in foreign content (e.g., , ) and can cause incorrect DOM scope during parsing when using the Tokenizer dire...

6.5CVSS6.5AI score0.00478EPSS
Exploits0References5
CNVD
CNVD
added 2022/01/19 12:0 a.m.17 views

livehelperchat Cross-Site Scripting Vulnerability (CNVD-2022-08229)

livehelperchat is available via Live Helper Chat, which provides free live support on the website. livehelperchat suffers from a cross-site scripting vulnerability that stems from livehelperchat being vulnerable to incorrect neutralization during page generation. No detailed vulnerability details...

7.1CVSS2AI score0.00813EPSS
Exploits1References1
CNVD
CNVD
added 2022/01/17 12:0 a.m.16 views

Calibre-Web Cross-Site Scripting Vulnerability (CNVD-2022-21489)

Calibre-Web is a web application for browsing, reading and downloading eBooks from the Calibre database.A vulnerability exists in Calibre-Web cross-site scripting that is vulnerable to incorrect neutralization of input during web page generation. No details of the vulnerability are currently...

7.3CVSS1.9AI score0.00802EPSS
Exploits1References1
Rows per page
Query Builder