5 matches found
EUVD-2025-20016
Malicious code in bioql PyPI...
CVE-2025-7066
Jirafeau normally prevents browser preview for text files due to the possibility that for example SVG and HTML documents could be exploited for cross site scripting. This was done by storing the MIME type of a file and allowing only browser preview for MIME types beginning with image except for...
CVE-2025-7066 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Jirafeau
Jirafeau normally prevents browser preview for text files due to the possibility that for example SVG and HTML documents could be exploited for cross site scripting. This was done by storing the MIME type of a file and allowing only browser preview for MIME types beginning with image except for...
CVE-2025-7066 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Jirafeau
Jirafeau normally prevents browser preview for text files due to the possibility that for example SVG and HTML documents could be exploited for cross site scripting. This was done by storing the MIME type of a file and allowing only browser preview for MIME types beginning with image except for...
CVE-2018-13409
An issue was discovered in Jirafeau before 3.4.1. The "search file by hash" form is affected by reflected XSS that could allow, by targeting an administrator, stealing a session and gaining administrative privileges...