20 matches found
CVE-2026-43892
AntSword is a cross-platform website management toolkit. Prior to 2.1.16, incomplete noxss sanitization leads to 1-click RCE via jquery.terminal format code injection. This vulnerability is fixed in 2.1.16...
CVE-2026-43892
AntSword is a cross-platform website management toolkit. Prior to 2.1.16, incomplete noxss sanitization leads to 1-click RCE via jquery.terminal format code injection. This vulnerability is fixed in 2.1.16...
CVE-2026-43892 AntSword: Incomplete noxss() sanitization leads to 1-click RCE via jquery.terminal format code injection
AntSword is a cross-platform website management toolkit. Prior to 2.1.16, incomplete noxss sanitization leads to 1-click RCE via jquery.terminal format code injection. This vulnerability is fixed in 2.1.16...
CVE-2026-43892
AntSword (cross-platform website management toolkit) is affected by CVE-2026-43892 due to incomplete noxss() sanitization before version 2.1.16, enabling a 1-click remote code execution through jquery.terminal format code injection. The vulnerability is fixed in version 2.1.16. Impact is describe...
CVE-2026-43892 AntSword: Incomplete noxss() sanitization leads to 1-click RCE via jquery.terminal format code injection
AntSword is a cross-platform website management toolkit. Prior to 2.1.16, incomplete noxss sanitization leads to 1-click RCE via jquery.terminal format code injection. This vulnerability is fixed in 2.1.16...
EUVD-2026-29721
AntSword is a cross-platform website management toolkit. Prior to 2.1.16, incomplete noxss sanitization leads to 1-click RCE via jquery.terminal format code injection. This vulnerability is fixed in 2.1.16...
PT-2026-40329
AntSword is a cross-platform website management toolkit. Prior to 2.1.16, incomplete noxss sanitization leads to 1-click RCE via jquery.terminal format code injection. This vulnerability is fixed in 2.1.16...
antSword 跨站脚本漏洞
AntSword is a cross-platform website management tool developed by the AntSwordProject. Versions of AntSword prior to 2.1.16 contained a cross-site scripting vulnerability. This vulnerability stemmed from incomplete noxss cleanup, allowing for injection through jQuery.terminal format code, which...
EUVD-2022-0739
Malicious code in bioql PyPI...
CVE-2021-43862
jQuery Terminal Emulator is a plugin for creating command line interpreters in your applications. Versions prior to 2.31.1 contain a low impact and limited cross-site scripting XSS vulnerability. The code for XSS payload is always visible, but an attacker can use other techniques to hide the code...
@esfaenza/core (>=15.2.16 <=19.2.114), @naxxfish/whereis (=0.0.1) +15 more potentially affected by CVE-2021-43862 via jquery.terminal (>=0.10.12 <=2.23.2)
jquery.terminal NPM version =0.10.12, =15.2.16, =0.0.1, =0.1.3, =2.0.0, =3.3.2, =0.0.3, =1.0.4, =0.1.0, =1.0.0, =1.0.2, =0.0.1, =0.0.10 and more Source cves: CVE-2021-43862 Source advisory: OSV:GHSA-X9R5-JXVQ-4387...
CVE-2021-43862
jQuery Terminal Emulator is a plugin for creating command line interpreters in your applications. Versions prior to 2.31.1 contain a low impact and limited cross-site scripting XSS vulnerability. The code for XSS payload is always visible, but an attacker can use other techniques to hide the code...
CVE-2021-43862
jQuery Terminal Emulator is a plugin for creating command line interpreters in your applications. Versions prior to 2.31.1 contain a low impact and limited cross-site scripting XSS vulnerability. The code for XSS payload is always visible, but an attacker can use other techniques to hide the code...
Cross site scripting
jQuery Terminal Emulator is a plugin for creating command line interpreters in your applications. Versions prior to 2.31.1 contain a low impact and limited cross-site scripting XSS vulnerability. The code for XSS payload is always visible, but an attacker can use other techniques to hide the code...
CVE-2021-43862 Self XSS on user input
jQuery Terminal Emulator is a plugin for creating command line interpreters in your applications. Versions prior to 2.31.1 contain a low impact and limited cross-site scripting XSS vulnerability. The code for XSS payload is always visible, but an attacker can use other techniques to hide the code...
CVE-2021-43862
Vulnerability context: CVE-2021-43862 affects the jQuery Terminal Emulator (a plugin for command-line interfaces in apps). The issue is a self-XSS via the execHash option when code is loaded from a URL, allowing an attacker to run crafted input in the victim’s browser. The impact is described as ...
jQuery 跨站脚本漏洞
jQuery is the United States John Resig individual developers of a set of open source , cross-browser JavaScript library . The library simplifies the operation between HTML and JavaScript, and features modularity, plug-in extensions, and so on. A cross-site scripting vulnerability exists in jQuery...
PT-2021-23985 · Unknown · Jquery Terminal Emulator
Name of the Vulnerable Software and Affected Versions: jQuery Terminal Emulator versions prior to 2.31.1 Description: The issue is a low impact and limited cross-site scripting XSS vulnerability. The code for XSS payload is always visible, but an attacker can use other techniques to hide the code...
@screeps/launcher (>=0.0.1 <=4.2.0-beta.8), @screepsunleashed/screeps (>=0.1.3 <=0.1.4) +9 more potentially affected by unknown CVE via jquery.terminal (>=0.10.12 <=0.11.4)
jquery.terminal NPM version =0.10.12, =0.0.1, =0.1.3, =2.0.0, =3.3.2, =0.0.3, =0.1.0, =1.0.0, =1.0.2, =0.0.7, =0.1.0 Source cves: unknown CVE Source advisory: OSV:GHSA-2HWP-G4G7-MWWJ...
Reflected Cross-Site Scripting
Overview Versions of jquery.terminal prior to 1.21.0 are vulnerable to Reflected Cross-Site Scripting. If the application has either of the options anyLinks or invokeMethods set to true, the application may execute arbitrary JavaScript through crafted malicious payloads due to insufficient...