20 matches found
Cross-site Scripting (XSS)
github.com/koding/koding is vulnerable to cross-site scripting XSS attacks. A malicious user can inject and execute arbitrary Javascript through the status bar filepath variable...
Cross-site Scripting (XSS)
github.com/koding/koding is vulnerable to cross-site scripting XSS attacks. The library does not properly encode content in client/Main/CommonViews/suggestedtokenview.coffee, allowing a malicious user to inject and execute arbitrary webscript...
Cross-site Scripting (XSS)
github.com/koding/koding is susceptible to cross-site scripting XSS attacks. The vulnerability exists because it does not properly encode tab title in idetabhandleview.coffee to prevent cross-site scripting attacks...
Cross-site Scripting (XSS)
github.com/koding/koding is susceptible to cross-site scripting XSS attacks. The vulnerability exists because it does not properly encode input data in save action of aceview.coffee...
Cross-site Scripting (XSS)
github.com/koding/koding is susceptible to cross-site scripting XSS attacks. The vulnerability exists because it does not properly encode newValue in showRenameDialog...
Cross-site Scripting (XSS)
github.com/koding/koding is vulnerable to cross-site scripting XSS attacks. The attacks exist since it does not filter the incoming data in profile page...
Cross-site Scripting (XSS)
github.com/koding/koding is vulnerable to cross-site scripting XSS attacks. The attacks exist since it does not escape MessageSummary string in the Render method...
Cross-site Scripting (XSS)
github.com/koding/koding is vulnerable to cross-site scripting XSS attacks. The attacks exist since it does not properly encode text in the idefilefinder.coffee...
Cross-site Scripting (XSS)
github.com/koding/koding is vulnerable to cross-site scripting XSS attacks. The attacks exist since it does not properly handle the session key in the search query...
Cross-site Scripting (XSS)
github.com/koding/koding is vulnerable to cross-site scripting XSS attacks. The attacks exist since it does not encode the user input value in crawler to avoid the attack...
Cross-site Scripting (XSS)
github.com/koding/koding is vulnerable to cross-site scripting XSS attacks. The attacks exist since it does not encode the content of SuggestedTokenView class to avoid the attack...
Cross-site Scripting (XSS)
github.com/koding/koding is vulnerable to cross-site scripting XSS attacks. The attacks exist since it does not encode the content of TagContextMenuItem class to avoid the attack...
Cross-site Scripting (XSS)
github.com/koding/koding is vulnerable to cross-site scripting XSS attacks. The vulnerability exists because fileitem.coffee allow injection of arbitrary value into path in filetree...
Cross-site Scripting (XSS)
github.com/koding/koding is vulnerable to cross-site scripting XSS attacks. The vulnerability exists because path string is not encoded properly to handle cross-site scripting...
Cross-site Scripting (XSS)
github.com/koding/koding is vulnerable to cross-site scripting XSS attacks. The vulnerability exists because Encoder.XSSEncode is not applied on user input...
Cross-site Scripting (XSS)
github.com/koding/koding is susceptible to cross-site scripting XSS attacks. It happens because encoding in static pages does not escape input string using validator.sanitize.xss...
Cross-site Scripting (XSS)
github.com/koding/koding is susceptible to cross-site scripting XSS attacks. It happens because it encodes title as html in setPaneTitle of KDTabView.coffee...
Cross-site Scripting (XSS)
github.com/koding/koding is susceptible to cross-site scripting XSS attacks. It happens because it does not properly encode app listing in appthumbview.coffee...
Replay Attack
github.com/koding/koding is vulnerable to replay attack. It has a flaw in the creation and validation of nonces, failing to detect nonces and disconnect malicious peers...
Cross-site Request Forgery (CSRF)
github.com/koding/koding is vulnerable to cross-site request forgery CSRF attacks. The vulnerability exists because it does not incorporate the state parameter logic into the authorization process...