4 matches found
GHSA-VFFH-X6R8-XX99 Prometheus has Stored XSS via metric names and label values in Prometheus web UI tooltips and metrics explorer
Impact Stored cross-site scripting XSS via crafted metric names in the Prometheus web UI: Old React UI + New Mantine UI: When a user hovers over a chart tooltip on the Graph page, metric names containing HTML/JavaScript are injected into innerHTML without escaping, causing arbitrary script...
GHSA-XGX4-2WGV-4JHM PDFME has XSS via Unsanitized i18n Label Injection into innerHTML in multiVariableText propPanel
Summary The multiVariableText property panel in @pdfme/schemas constructs HTML via string concatenation and assigns it to innerHTML using unsanitized i18n label values. An attacker who can control label overrides passed through options.labels can inject arbitrary JavaScript that executes in the...
GHSA-WVH5-6VJM-23QH OneUptime: Stored XSS via Mermaid Diagram Rendering (securityLevel: "loose")
Summary The Markdown viewer component renders Mermaid diagrams with securityLevel: "loose" and injects the SVG output via innerHTML. This configuration explicitly allows interactive event bindings in Mermaid diagrams, enabling XSS through Mermaid's click directive which can execute arbitrary...
CVE-2025-5352 Environment Variable XSS in Analytics Component in lunary-ai/lunary
A critical stored Cross-Site Scripting XSS vulnerability exists in the Analytics component of lunary-ai/lunary versions up to 1.9.23, where the NEXTPUBLICCUSTOMSCRIPT environment variable is directly injected into the DOM using dangerouslySetInnerHTML without any sanitization or validation. This...