18 matches found
EUVD-2023-46878
Malicious code in bioql PyPI...
CVE-2023-42426
Cross-site scripting XSS vulnerability in Froala Froala Editor v.4.1.1 allows remote attackers to execute arbitrary code via the 'Insert link' parameter in the 'Insert Image' component...
CVE-2023-42371
Cross Site Scripting vulnerability in Summernote Rich Text Editor v.0.8.18 and before allows a remote attacker to execute arbitrary code via a crafted script to the insert link function in the editor component...
CVE-2025-2700
A vulnerability classified as problematic has been found in michelson Dante Editor up to 0.4.4. This affects an unknown part of the component Insert Link Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the...
CVE-2025-2700 michelson Dante Editor Insert Link cross site scripting
A vulnerability classified as problematic has been found in michelson Dante Editor up to 0.4.4. This affects an unknown part of the component Insert Link Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the...
CVE-2023-42426
Cross-site scripting XSS vulnerability in Froala Froala Editor v.4.1.1 allows remote attackers to execute arbitrary code via the 'Insert link' parameter in the 'Insert Image' component...
Froala Editor Cross-Site Scripting Vulnerability
Froala Editor is a powerful JavaScript rich text editor for individual developers. A cross-site scripting vulnerability exists in Froala Editor v.4.1.1. A remote attacker can exploit this vulnerability to execute arbitrary code via the "Insert link" parameter in the "Insert Image" component...
Cross Site Scripting
froala-editor & froala/wysiwyg-editor is vulnerable to Cross Site Scripting. The vulnerability is due to the Insert Link functionality which does not properly sanitize or validate the link that user provides, resulting in Cross Site Scripting...
CVE-2023-42371
Cross Site Scripting vulnerability in Summernote Rich Text Editor v.0.8.18 and before allows a remote attacker to execute arbitrary code via a crafted script to the insert link function in the editor component...
CVE-2023-42371
Cross Site Scripting vulnerability in Summernote Rich Text Editor v.0.8.18 and before allows a remote attacker to execute arbitrary code via a crafted script to the insert link function in the editor component...
CVE-2023-42371
Cross Site Scripting vulnerability in Summernote Rich Text Editor v.0.8.18 and before allows a remote attacker to execute arbitrary code via a crafted script to the insert link function in the editor component...
Cross site scripting
Cross Site Scripting vulnerability in Summernote Rich Text Editor v.0.8.18 and before allows a remote attacker to execute arbitrary code via a crafted script to the insert link function in the editor component...
CVE-2023-42371
Cross Site Scripting vulnerability in Summernote Rich Text Editor v.0.8.18 and before allows a remote attacker to execute arbitrary code via a crafted script to the insert link function in the editor component...
CVE-2023-42371
Cross Site Scripting vulnerability in Summernote Rich Text Editor v.0.8.18 and before allows a remote attacker to execute arbitrary code via a crafted script to the insert link function in the editor component...
Summernote Rich Text Editor Cross-Site Scripting Vulnerability
Summernote Rich Text Editor is a rich text editor from Summernote. A cross-site scripting vulnerability exists in Summernote Rich Text Editor v.0.8.18 and prior versions, which originates from a vulnerability that could allow a remote attacker to execute arbitrary code via a crafted script in the...
XSS vulnerabilities in insert image and link actions
In 2.7.x, the following URL's are vulnerable: - /users/insertlink.action - /users/insertlink-page-attachmentstab.action - /users/insertlink-page-uploadfile.action - /users/insertlink-draft-attachmentstab.action - /users/insertlink-draft-uploadfile.action - /users/doinsertimageinpage.action -...
XSS vulnerabilities in insert image and link actions
In 2.7.x, the following URL's are vulnerable: - /users/insertlink.action - /users/insertlink-page-attachmentstab.action - /users/insertlink-page-uploadfile.action - /users/insertlink-draft-attachmentstab.action - /users/insertlink-draft-uploadfile.action - /users/doinsertimageinpage.action -...
PT-2005-4742 · Sapid · Sapid Cms
Name of the Vulnerable Software and Affected Versions: SAPID CMS versions prior to 1.2.3.03 Description: The issue allows remote attackers to bypass authentication by making direct requests to certain files, including insert file.php, insert image.php, insert link.php, insert qcfile.php, and...