20 matches found
CVE-2026-43892
AntSword is a cross-platform website management toolkit. Prior to 2.1.16, incomplete noxss sanitization leads to 1-click RCE via jquery.terminal format code injection. This vulnerability is fixed in 2.1.16...
CVE-2026-43892
AntSword is a cross-platform website management toolkit. Prior to 2.1.16, incomplete noxss sanitization leads to 1-click RCE via jquery.terminal format code injection. This vulnerability is fixed in 2.1.16...
CVE-2026-43892 AntSword: Incomplete noxss() sanitization leads to 1-click RCE via jquery.terminal format code injection
AntSword is a cross-platform website management toolkit. Prior to 2.1.16, incomplete noxss sanitization leads to 1-click RCE via jquery.terminal format code injection. This vulnerability is fixed in 2.1.16...
CVE-2026-43892 AntSword: Incomplete noxss() sanitization leads to 1-click RCE via jquery.terminal format code injection
AntSword is a cross-platform website management toolkit. Prior to 2.1.16, incomplete noxss sanitization leads to 1-click RCE via jquery.terminal format code injection. This vulnerability is fixed in 2.1.16...
EUVD-2026-29721
AntSword is a cross-platform website management toolkit. Prior to 2.1.16, incomplete noxss sanitization leads to 1-click RCE via jquery.terminal format code injection. This vulnerability is fixed in 2.1.16...
CVE-2026-43892
AntSword (cross-platform website management toolkit) is affected by CVE-2026-43892 due to incomplete noxss() sanitization before version 2.1.16, enabling a 1-click remote code execution through jquery.terminal format code injection. The vulnerability is fixed in version 2.1.16. Impact is describe...
PT-2026-40329
AntSword is a cross-platform website management toolkit. Prior to 2.1.16, incomplete noxss sanitization leads to 1-click RCE via jquery.terminal format code injection. This vulnerability is fixed in 2.1.16...
antSword 跨站脚本漏洞
AntSword is a cross-platform website management tool developed by the AntSwordProject. Versions of AntSword prior to 2.1.16 contained a cross-site scripting vulnerability. This vulnerability stemmed from incomplete noxss cleanup, allowing for injection through jQuery.terminal format code, which...
EUVD-2022-0739
Malicious code in bioql PyPI...
CVE-2021-43862
jQuery Terminal Emulator is a plugin for creating command line interpreters in your applications. Versions prior to 2.31.1 contain a low impact and limited cross-site scripting XSS vulnerability. The code for XSS payload is always visible, but an attacker can use other techniques to hide the code...
@esfaenza/core (>=15.2.16 <=19.2.114), @naxxfish/whereis (=0.0.1) +15 more potentially affected by CVE-2021-43862 via jquery.terminal (>=0.10.12 <=2.23.2)
jquery.terminal NPM version =0.10.12, =15.2.16, =0.0.1, =0.1.3, =2.0.0, =3.3.2, =0.0.3, =1.0.4, =0.1.0, =1.0.0, =1.0.2, =0.0.1, =0.0.10 and more Source cves: CVE-2021-43862 Source advisory: OSV:GHSA-X9R5-JXVQ-4387...
CVE-2021-43862
jQuery Terminal Emulator is a plugin for creating command line interpreters in your applications. Versions prior to 2.31.1 contain a low impact and limited cross-site scripting XSS vulnerability. The code for XSS payload is always visible, but an attacker can use other techniques to hide the code...
CVE-2021-43862
jQuery Terminal Emulator is a plugin for creating command line interpreters in your applications. Versions prior to 2.31.1 contain a low impact and limited cross-site scripting XSS vulnerability. The code for XSS payload is always visible, but an attacker can use other techniques to hide the code...
Cross site scripting
jQuery Terminal Emulator is a plugin for creating command line interpreters in your applications. Versions prior to 2.31.1 contain a low impact and limited cross-site scripting XSS vulnerability. The code for XSS payload is always visible, but an attacker can use other techniques to hide the code...
CVE-2021-43862 Self XSS on user input
jQuery Terminal Emulator is a plugin for creating command line interpreters in your applications. Versions prior to 2.31.1 contain a low impact and limited cross-site scripting XSS vulnerability. The code for XSS payload is always visible, but an attacker can use other techniques to hide the code...
CVE-2021-43862
Vulnerability context: CVE-2021-43862 affects the jQuery Terminal Emulator (a plugin for command-line interfaces in apps). The issue is a self-XSS via the execHash option when code is loaded from a URL, allowing an attacker to run crafted input in the victim’s browser. The impact is described as ...
PT-2021-23985 · Unknown · Jquery Terminal Emulator
Name of the Vulnerable Software and Affected Versions: jQuery Terminal Emulator versions prior to 2.31.1 Description: The issue is a low impact and limited cross-site scripting XSS vulnerability. The code for XSS payload is always visible, but an attacker can use other techniques to hide the code...
jQuery 跨站脚本漏洞
jQuery is the United States John Resig individual developers of a set of open source , cross-browser JavaScript library . The library simplifies the operation between HTML and JavaScript, and features modularity, plug-in extensions, and so on. A cross-site scripting vulnerability exists in jQuery...
@screeps/launcher (>=0.0.1 <=4.2.0-beta.8), @screepsunleashed/screeps (>=0.1.3 <=0.1.4) +9 more potentially affected by unknown CVE via jquery.terminal (>=0.10.12 <=0.11.4)
jquery.terminal NPM version =0.10.12, =0.0.1, =0.1.3, =2.0.0, =3.3.2, =0.0.3, =0.1.0, =1.0.0, =1.0.2, =0.0.7, =0.1.0 Source cves: unknown CVE Source advisory: OSV:GHSA-2HWP-G4G7-MWWJ...
Reflected Cross-Site Scripting
Overview Versions of jquery.terminal prior to 1.21.0 are vulnerable to Reflected Cross-Site Scripting. If the application has either of the options anyLinks or invokeMethods set to true, the application may execute arbitrary JavaScript through crafted malicious payloads due to insufficient...