12 matches found
linkding security vulnerability
linkding is a self-hosted bookmark manager by the individual developer Sascha Ißbrücker. A security vulnerability exists in linkding that stems from the file upload feature in the bookmarks and asset rendering pipeline, which allows the upload of malicious SVG files containing JavaScrip...
EUVD-2023-58869
Malicious code in bioql PyPI...
CVE-2023-6646
A vulnerability classified as problematic has been found in linkding 1.23.0. Affected is an unknown function. The manipulation of the argument q leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to...
CVE-2023-6646
A vulnerability classified as problematic has been found in linkding 1.23.0. Affected is an unknown function. The manipulation of the argument q leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to...
CVE-2023-6646
A vulnerability classified as problematic has been found in linkding 1.23.0. Affected is an unknown function. The manipulation of the argument q leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to...
Cross site scripting
A vulnerability classified as problematic has been found in linkding 1.23.0. Affected is an unknown function. The manipulation of the argument q leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to...
CVE-2023-6646
CVE-2023-6646 affects linkding 1.23.0. The vulnerability arises from an XSS in the handling of the query parameter q, enabling remote exploitation. Public exploit exists. Upgrading to version 1.23.1 addresses the issue. Several sources across CVE records corroborate the XSS in the q parameter and...
CVE-2023-6646 linkding cross site scripting
A vulnerability classified as problematic has been found in linkding 1.23.0. Affected is an unknown function. The manipulation of the argument q leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to...
CVE-2023-6646 linkding cross site scripting
A vulnerability classified as problematic has been found in linkding 1.23.0. Affected is an unknown function. The manipulation of the argument q leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to...
PT-2023-32723 · Linkding · Linkding
Name of the Vulnerable Software and Affected Versions: linkding version 1.23.0
Description: A vulnerability has been found in linkding, where the manipulation of the argument q leads to cross-site scripting. This issue can be exploited remotely. The vendor was contacted and responded...
Linkding Cross-Site Scripting Vulnerability
linkding is a self-hosted bookmark manager by the individual developer Sascha Ißbrücker. A cross-site scripting (XSS) vulnerability exists in linkding version 1.23.0, which stems from the parameter q. The vulnerability is caused by the use of the parameter q ...
Open Redirect (Bypass Of #59d7c660-744c-4fee-88b7-6117b6846aea)
Description: Hello everyone, I found an Open Redirect on linkding in the remove a bookmark functionality. It is a bypass of a previously submitted report. When users are tricked into visiting the vulnerable link, they will immediately be redirected to arbitrary hosts. Proof of Concept - Just visit the...