12 matches found
EUVD-2018-0739
Malware in sbrugna...
EUVD-2022-42502
Malicious code in bioql PyPI...
EUVD-2025-7348
Malicious code in bioql PyPI...
EUVD-2021-30794
Malicious code in bioql PyPI...
EUVD-2022-0639
Malicious code in bioql PyPI...
EUVD-2022-3076
Malicious code in bioql PyPI...
CVE-2025-53487
The ApprovedRevs extension for MediaWiki is vulnerable to stored XSS in multiple locations where system messages are inserted into raw HTML without proper escaping. Attackers can exploit this by injecting JavaScript payloads via the uselang=x-xss language override, which causes crafted message ke...
CVE-2021-24293
In the eCommerce module of the NextGEN Gallery Pro WordPress plugin before 3.1.11, there is an action to call getcartitems via photocratiajax , after that the settingsshippingaddressname is able to inject malicious javascript...
CVE-2021-22331
There is a JavaScript injection vulnerability in certain Huawei smartphones. A module does not verify some inputs sufficiently. Attackers can exploit this vulnerability by sending a malicious application request to launch JavaScript injection. This may compromise normal service. Affected product...
Design/Logic Flaw
There is a JavaScript injection vulnerability in certain Huawei smartphones. A module does not verify some inputs sufficiently. Attackers can exploit this vulnerability by sending a malicious application request to launch JavaScript injection. This may compromise normal service. Affected product...
Cross-Site Scripting (XSS)
gitbook is vulnerable to cross-site scripting XSS. An attacker is able to inject arbitrary Javascript into a victim's browser using a local .md file which is rendered when displayed on the browser...
MGASA-2013-0368 Updated mediawiki packages fix security vulnerabilities
Updated mediawiki packages fix security vulnerabilities: Kevin Israel Wikipedia user PleaseStand identified and reported two vectors for injecting Javascript in CSS that bypassed MediaWiki's blacklist CVE-2013-4567, CVE-2013-4568. Internal review while debugging a site issue discovered that...