10 matches found
EUVD-2025-25621
Malicious code in bioql PyPI...
Apache Log4cxx Cross-Site Scripting Vulnerability
Apache Log4cxx is the United States Apache Apache Foundation of a C + + logging framework patterned on Apache log4j . A cross-site scripting vulnerability exists in Apache Log4cxx versions prior to 1.5.0, which stems from HTMLLayout not properly escaping logger names, and can be exploited by an...
SUSE CVE-2025-54812
Improper Output Neutralization for Logs vulnerability in Apache Log4cxx. When using HTMLLayout, logger names are not properly escaped when writing out to the HTML file. If untrusted data is used to retrieve the name of a logger, an attacker could theoretically inject HTML or Javascript in order t...
CVE-2025-54812
Improper Output Neutralization for Logs vulnerability in Apache Log4cxx. When using HTMLLayout, logger names are not properly escaped when writing out to the HTML file. If untrusted data is used to retrieve the name of a logger, an attacker could theoretically inject HTML or Javascript in order t...
CVE-2025-54812 Apache Log4cxx: Improper HTML escaping in HTMLLayout
Improper Output Neutralization for Logs vulnerability in Apache Log4cxx. When using HTMLLayout, logger names are not properly escaped when writing out to the HTML file. If untrusted data is used to retrieve the name of a logger, an attacker could theoretically inject HTML or Javascript in order t...
CVE-2025-54812 Apache Log4cxx: Improper HTML escaping in HTMLLayout
Improper Output Neutralization for Logs vulnerability in Apache Log4cxx. When using HTMLLayout, logger names are not properly escaped when writing out to the HTML file. If untrusted data is used to retrieve the name of a logger, an attacker could theoretically inject HTML or Javascript in order t...
CVE-2025-54812
CVE-2025-54812 affects Apache Log4cxx prior to 1.5.0. The issue is due to improper output neutralization in HTMLLayout: logger names from untrusted sources are not escaped when writing HTML logs, enabling potential HTML/JS injection that could lead to log manipulation or information exposure when...
CVE-2025-54812
Improper Output Neutralization for Logs vulnerability in Apache Log4cxx. When using HTMLLayout, logger names are not properly escaped when writing out to the HTML file. If untrusted data is used to retrieve the name of a logger, an attacker could theoretically inject HTML or Javascript in order t...
CVE-2025-54812 Apache Log4cxx: Improper HTML escaping in HTMLLayout
Improper Output Neutralization for Logs vulnerability in Apache Log4cxx. When using HTMLLayout, logger names are not properly escaped when writing out to the HTML file. If untrusted data is used to retrieve the name of a logger, an attacker could theoretically inject HTML or Javascript in order t...
PT-2025-34481
Name of the Vulnerable Software and Affected Versions: Apache Log4cxx versions prior to 1.5.0 Description: Apache Log4cxx contains an Improper Output Neutralization for Logs issue. When using HTMLLayout, logger names are not properly escaped when writing to an HTML file. If untrusted data is used...