Angular Stored XSS Vulnerability via SVG Animation, SVG URL and MathML Attributes

A Stored Cross-Site Scripting XSS vulnerability has been identified in the Angular Template Compiler. It occurs because the compiler's internal security schema is incomplete, allowing attackers to bypass Angular's built-in security sanitization. Specifically, the schema fails to classify certain...

EUVD-2012-2640

Malware in sbrugna...

PT-2022-27449 · Roots · Roots Soil Plugin

Name of the Vulnerable Software and Affected Versions: Roots soil Plugin versions prior to 4.1.1 Description: A problematic issue was found in the Roots soil Plugin, affecting the language attributes function of the file src/Modules/CleanUpModule.php. The manipulation of the language argument lea...

Soil 跨站脚本漏洞

Soil is Roots open source a WordPress plugin . Used to apply theme-independent front-end modifications. A cross-site scripting vulnerability exists in Soil versions prior to 4.1.0, which originates in the function languageattributes in the file src/Modules/CleanUpModule.php, where manipulation of...

rubygem-loofah: XSS vulnerability due to unescaped comments within attributes by libxml2

In the Loofah gem through 2.2.0 for Ruby, non-whitelisted HTML attributes may occur in sanitized output by republishing a crafted HTML fragment...