13 matches found
EUVD-2023-0714
Malicious code in bioql PyPI...
CVE-2021-32860
iziModal is a modal plugin with jQuery. Versions prior to 1.6.1 are vulnerable to cross-site scripting XSS when handling untrusted modal titles. An attacker who is able to influence the field title when creating a iziModal instance is able to supply arbitrary html or javascript code that will be...
Cross-site Scripting (XSS)
izimodal is vulnerable to Cross-Site Scripting XSS. The vulnerability exists due to the lack of validation in the modal title element, which allows an attacker to inject and execute malicious JavaScript...
azureml_widgets (>=1.0.0 <=1.0.6) potentially affected by CVE-2021-32860 via izimodal (=1.5.1)
izimodal NPM version =1.5.1 is affected by a known vulnerability. The following packages have a transitive dependency on izimodal and may be impacted: - azuremlwidgets =1.0.0, =1.0.6 Source cves: CVE-2021-32860 Source advisory: OSV:GHSA-H685-83W4-3PH3...
GHSA-H685-83W4-3PH3 iziModal Cross-site Scripting vulnerability
iziModal is a modal plugin with jQuery. Versions prior to 1.6.1 are vulnerable to cross-site scripting XSS when handling untrusted modal titles. An attacker who is able to influence the field title when creating a iziModal instance is able to supply arbitrary html or javascript code that will be...
iziModal Cross-site Scripting vulnerability
iziModal is a modal plugin with jQuery. Versions prior to 1.6.1 are vulnerable to cross-site scripting XSS when handling untrusted modal titles. An attacker who is able to influence the field title when creating a iziModal instance is able to supply arbitrary html or javascript code that will be...
CVE-2021-32860
iziModal is a modal plugin with jQuery. Versions prior to 1.6.1 are vulnerable to cross-site scripting XSS when handling untrusted modal titles. An attacker who is able to influence the field title when creating a iziModal instance is able to supply arbitrary html or javascript code that will be...
CVE-2021-32860
iziModal is a modal plugin with jQuery. Versions prior to 1.6.1 are vulnerable to cross-site scripting XSS when handling untrusted modal titles. An attacker who is able to influence the field title when creating a iziModal instance is able to supply arbitrary html or javascript code that will be...
Cross site scripting
iziModal is a modal plugin with jQuery. Versions prior to 1.6.1 are vulnerable to cross-site scripting XSS when handling untrusted modal titles. An attacker who is able to influence the field title when creating a iziModal instance is able to supply arbitrary html or javascript code that will be...
iziModal 跨站脚本漏洞
iziModal is an elegant, responsive, flexible and lightweight jQuery modal plugin. A security vulnerability exists in iziModal versions prior to 1.6.1, which stems from a cross-site scripting XSS attack when handling untrusted modal headers, and can be exploited to execute arbitrary HTML or...
CVE-2021-32860
The CVE-2021-32860 issue affects the jQuery modal plugin iziModal (versions prior to 1.6.1). It describes an XSS vulnerability where untrusted modal titles can be exploited to inject arbitrary HTML/JavaScript code executed in the user context. The root cause is lack of validation/escaping for the...
PT-2023-12192 · Izimodal · Izimodal
Name of the Vulnerable Software and Affected Versions: iziModal versions prior to 1.6.1 Description: The issue arises when handling untrusted modal titles, allowing an attacker to influence the title field and supply arbitrary html or javascript code. This code will be rendered in the context of ...
CVE-2021-32860 iziModal vulnerable to Cross-site Scripting
iziModal is a modal plugin with jQuery. Versions prior to 1.6.1 are vulnerable to cross-site scripting XSS when handling untrusted modal titles. An attacker who is able to influence the field title when creating a iziModal instance is able to supply arbitrary html or javascript code that will be...