Malicious code in test-mlw2-jingo-jetty (npm)

The package test-mlw2-jingo-jetty was found to contain malicious code...

MAL-2025-35580 Malicious code in test-mlw2-jingo-jetty (npm)

The package test-mlw2-jingo-jetty was found to contain malicious code...

GHSA-MPJF-8CMF-P789 Cross-Site Scripting in jingo

Versions of jingo prior to 1.9.2 are vulnerable to Cross-Site Scripting XSS. If malicious input such as alert1 is placed in the content of a wiki page, Jingo does not properly encode the input and it is executed instead of rendered as text. Recommendation Upgrade to version 1.9.2...

Cross-Site Scripting in jingo

Versions of jingo prior to 1.9.2 are vulnerable to Cross-Site Scripting XSS. If malicious input such as alert1 is placed in the content of a wiki page, Jingo does not properly encode the input and it is executed instead of rendered as text. Recommendation Upgrade to version 1.9.2...

Arbitrary Code Execution

Overview jingo is a git based wiki engine written for node.js, with a decent design, a search capability and a good typography. Affected versions of this package are vulnerable to Arbitrary Code Execution due to the default usage of the function yaml.load of the package js-yaml instead of its...

SQL Injection Vulnerability in Xinchang Jingo Network Co.

Founded in 2007, Xinchang Jingo Network Co., Ltd. is one of the earlier network companies in Xinchang, specializing in Internet information services. There is a SQL injection vulnerability in the website building system of Xinchang Jingo Network Co., Ltd, which can be exploited by attackers to...

Cross-Site Scripting

Overview Versions of jingo prior to 1.9.2 are vulnerable to Cross-Site Scripting XSS. If malicious input such as alert1 is placed in the content of a wiki page, Jingo does not properly encode the input and it is executed instead of rendered as text. Recommendation Upgrade to version 1.9.2...