Cross-site Scripting (XSS)

gitlab is vulnerable to Cross-site Scripting XSS. The vulnerability exists in the project settings page, allowing an attacker to inject and execute malicious javascript...

Cross-site Scripting (XSS)

gitlab is vulnerable to Cross-site Scripting XSS. An attacker can inject and execute malicious javascript through the email address for certain instances...

Cross-site Scripting (XSS)

gitlab is vulnerable to Cross-site Scripting XSS. The vulnerability exists due to the improper validation in the ipynb files of the library, which allows an attacker to inject and execute malicious javascript...

Cross-site Scripting (XSS)

gitlab is vulnerable to Cross-site Scripting XSS. The vulnerability exists in the Flavored Markdown in the library, which allows an attacker to inject and execute malicious javascript...

Cross-Site Scripting (XSS)

gitlab is vulnerable to Cross-Site Scripting XSS attacks. This vulnerability occurs due to a flaw in the way that GitLab handles guest user permissions. An attacker can exploit this vulnerability to inject and execute malicious javascript on victim's browser...

Cross-site Scripting (XSS)

gitlab is vulnerable to Cross-site Scripting XSS. An attacker can inject and execute malicious javascript through the maliciously crafted default branch name...

Cross-site Scripting (XSS)

gitlab is vulnerable to Cross-site Scripting XSS. An attacker can inject and execute malicious javascript through the merge request with maliciously crafted branch name...

Cross-Site Scripting (XSS)

gitlab is vulnerable to Cross-Site Scripting XSS attacks. The library does not properly escape user inputs before it output to the front end when creating new abuse reports, allowing an attacker to inject and execute malicious javascript on victim's browser...

Cross-Site Scripting (XSS)

github.com/answerdev/answer is vulnerable to Cross-Site Scripting XSS attacks. The library does not properly escape user input while adding a new comment, allowing an attacker to inject and execute malicious javascript on victim's browser...

Cross-Site Scripting (XSS)

github.com/answerdev/answer is vulnerable to Cross-Site Scripting XSS attacks. The library does not properly escape the user input inserted through sitename parameter before it output to the front end, allowing an attacker to inject and execute malicious javascript on a victim's browser...

Cross-Site Scripting (XSS)

github.com/golang/net is vulnerable to Cross-Site Scripting XSS attacks. The library does not properly escape user input in text nodes outside the HTML namespace, allowing an attacker to inject and execute malicious JavaScript on a victim's browser...

DRUPAL-CONTRIB-2023-033

This module enables you to add the Matomo web statistics tracking system to your website. The module does not check the Matomo JS code loaded on the website. So a user could configure the module to load JS from a malicious website. This vulnerability is mitigated by the fact that an attacker must...

Stored Cross-site Scripting (XSS)

phpmyfaq is vulnerable to Cross-site Scripting. The vulnerability exists due to a lack of validation in the user input of Link.php, which allows an attacker to inject and execute malicious Javascript into the browser...

Cross-site Scripting (XSS)

jenkins-core is vulnerable to Cross-site Scripting XSS. The vulnerability exists because the addHyperlink function of AbstractMarkupText.java which does not properly escape the URLs before being rendered, allowing an attacker to inject and execute malicious JavaScript...

Cross-Site Scripting (XSS)

org.apache.felix: org.apache.felix.healthcheck.webconsoleplugin is vulnerable to Cross-Site Scripting XSS attacks. The library does not properly escape user inputs during web page generation, allowing an attacker to inject and execute malicious javascript in the victim's browser...

Cross-site Scripting (XSS)

copyparty is vulnerable to Cross-site Scripting XSS. The vulnerability exists because the txsvcs function of httpcli.py does not properly escape malicious characters, which allows an attacker to inject and execute malicious javascript by providing a malicious URL containing ?hc= with somewhere in...

Cross Site Scripting (XSS)

gitlab is vulnerable to Cross-site Scripting XSS. The vulnerability occurs when viewing a XML file in the repository in 'raw' mode which could be rendered as HTML in certain conditions, which allows an authenticated attacker to inject and execute malicious javascript on victim's browser...

Cross-site Scripting (XSS)

gitlab is vulnerable to Cross-site Scripting XSS. The vulnerability exists due to the lack of sanitization in the external status checks of the library, allowing an attacker to inject and execute malicious javascript...

copyparty vulnerable to reflected cross-site scripting via hc parameter

Summary The application contains a reflected cross-site scripting via URL-parameter ?hc=... Details A reflected cross-site scripting XSS vulnerability exists in the web interface of the application that could allow an attacker to execute malicious javascript code by tricking users into accessing ...

PT-2023-33011 · Copyparty · Copyparty

Name of the Vulnerable Software and Affected Versions: copyparty affected versions not specified Description: A reflected cross-site scripting vulnerability exists in the web interface of the application, allowing an attacker to execute malicious javascript code by tricking users into accessing a...