4 matches found
DRUPAL-CORE-2026-001
Drupal core's jQuery integration for AJAX modal dialog boxes does not sufficiently sanitize certain options, which can lead to a cross-site scripting (XSS) vulnerability...
Burp Exporter - A Burp Suite Extension To Copy A Request To The Clipboard As Multiple Programming Languages Functions
Exporter is a Burp Suite extension to copy a request to the clipboard as multiple programming languages functions. You can export as: cURL, Wget, Python Request, Perl LWP, PHP HTTPRequest2, Go Native, NodeJS Request, jQuery AJAX, PowerShell. Requirements: Jython = 2.7.1, Burp Suite. Import: In Burp Suite, und...
Chaturbate: Stored XSS in chat topic due to insecure emoticon parsing on any message type
Description: The functionality for adding emoticons into the chat from the server-side perspective is based on a string in the following format: %%%emoticon NAME|EMOTICONURL|WIDTH|HEIGHT|REPORTURL%%% The EMOTICONURL must conform to the following regex: javascript...
PT-2018-17806 · WordPress · Bookly
Name of the Vulnerable Software and Affected Versions: Bookly 1 WordPress Booking Plugin Lite versions prior to 14.5 Description: The issue concerns a cross-site scripting XSS flaw. It is triggered by a jQuery.ajax request to the ng-payment details dialog.js file. Recommendations: For Bookly 1...