Cross-site Scripting (XSS)

ag-grid-community is vulnerable to cross-site scripting XSS. An attacker is able to inject and execute malicious Javascript on a user's browser via the function loadTemplate...

Schneider Electric U.motion Builder loadtemplate remote code execution vulnerability

U.motion Builder is a builder product from Schneider Electric France. A remote code execution vulnerability exists in the Schneider Electric U.motion Builder loadtemplate. The underlying SQLite database query requires SQL injection on the tpl input parameter. A remote attacker could exploit this...