2 matches found
Cross Site Scripting(XSS)
github.com/alist-org/alist is vulnerable to reflected cross-site scripting XSS. The vulnerability is due to inadequate input validation in the /i/:linkname endpoint, which fails to sanitize user-provided values, allowing malicious HTML tags to be executed in the application context...
Celestial Software AbsoluteTelnet 2.0/2.11 - Title Bar Buffer Overflow
source: https://www.securityfocus.com/bid/6785/info A buffer overflow vulnerability was reported for AbsoluteTelnet. The vulnerability exists due to insufficient bounds checking performed when setting the title bar of the client. An attacker can exploit this vulnerability by enticing a victim use...