Lucene search
K

5 matches found

Cvelist
Cvelist
added 2026/03/11 8:47 p.m.27 views

CVE-2026-32121 OpenEMR: Stored DOM XSS via `.html()` in Portal Signer Modal

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.1, Stored XSS in prescription CSS/HTML print view via patient demographics. That finding involves server-side rendering of patient names via raw PHP echo. This finding involves...

7.7CVSS0.00191EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2025/02/11 2:24 p.m.12 views

Moderate: Red Hat Security Advisory: doxygen security update

An update for doxygen is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

6.9CVSS7.2AI score0.8383EPSS
Exploits6References2
PyPA
PyPA
added 2021/10/14 4:15 p.m.5 views

PYSEC-2021-372

OMERO.web provides a web based client and plugin infrastructure. In versions prior to 5.11.0, a variety of templates do not perform proper sanitization through HTML escaping. Due to the lack of sanitization and use of jQuery.html, there are a whole host of cross-site scripting possibilities with...

9.8CVSS6AI score0.01006EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2021/01/14 4:15 p.m.14 views

Design/Logic Flaw

SimplCommerce 1.0.0-rc uses the Bootbox.js library, which allows creation of programmatic dialog boxes using Bootstrap modals. The Bootbox.js library intentionally does not perform any sanitization of user input, which results in a DOM XSS, because it uses the jQuery .html function to directly...

3.5CVSS5.5AI score0.00676EPSS
Exploits1References1Affected Software1
Packet Storm
Packet Storm
added 2020/04/25 12:0 a.m.110 views

jQuery html() Cross Site Scripting

jquery-xss-in-html jQuery 3.5 Cross-Site Scripting XSS in html Timmy Willison recently released a new version of jQuery. jQuery 3.5 fixes a cross-site scripting XSS vulnerability found in the jQuery’s HTML parser. The Snyk open source security platform estimates that 84% of all websites may be...

Exploits0
Rows per page
Query Builder