Lucene search

20 matches found

Zero Science Lab
added 2026/05/31 12:00 a.m. · 61 views

Lightweight Music Server (LMS) 3.76.0 (metadata) Stored XSS

Summary: LMS (Lightweight Music Server) is a C++ based project focused on a low memory footprint, featuring built-in user management and a recommendation engine. Description: LMS stores media file metadata tags such as GENRE, ARTIST, and ALBUM exactly as written in the file and later renders...

CVSS 5.4 · AI score 5.4 · EPSS 0.00171
Exploits 1
CVE
added 2026/05/12 4:47 p.m. · 11 views

CVE-2026-42045

CVE-2026-42045 affects LobeHub/LobeChat prior to version 2.1.48. The issue combines a client-side XSS in the Render path (Renderer defaulting to HTMLRenderer for unknown tags) with an insecure IPC interface runCommand in the Electron main process. An attacker who can induce the LLM to emit malici...

CVSS 6.2 · AI score 6.2 · EPSS 0.00266
Exploits 0 · References 1
ATTACKERKB
added 2026/05/12 4:47 p.m. · 4 views

CVE-2026-42045

LobeHub is a work-and-lifestyle space to find, build, and collaborate with agent teammates that grow with you. Prior to 2.1.48, when LobeChat processes custom tags in the Render process of src/features/Portal/Artifacts/Body/Renderer/index.tsx, if no type match is found, it will choose to call the...

CVSS 6.2 · AI score 6.2 · EPSS 0.00266
Exploits 0 · References 2 · Affected Software 1
CNNVD
added 2026/01/26 12:00 a.m. · 3 views

Shaarli cross-site scripting vulnerabilities

Shaarli is a set of website cloning tools developed by the Shaarli Community. Versions of Shaarli prior to 0.16.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from improper handling of malicious tags, which could lead to cross-site scripting attacks...

CVSS 5.4 · AI score 5.6 · EPSS 0.00147
Exploits 1 · References 3
EUVD
added 2025/10/03 8:07 p.m. · 3 views

EUVD-2023-32056

Malicious code in bioql PyPI...

CVSS 6.1 · AI score 6.2 · EPSS 0.00389
Exploits 0 · References 1
RedhatCVE
added 2025/05/23 6:01 a.m. · 2 views

CVE-2023-28358

A vulnerability has been discovered in Rocket.Chat where a markdown parsing issue in the "Search Messages" feature allows the insertion of malicious tags. This can be exploited on servers with content security policy disabled, possibly leading to attacks like account takeover...

CVSS 6.1 · AI score 7 · EPSS 0.00389
Exploits 0 · References 1
OSV
added 2023/05/11 10:15 p.m. · 12 views

CVE-2023-28358

A vulnerability has been discovered in Rocket.Chat where a markdown parsing issue in the "Search Messages" feature allows the insertion of malicious tags. This can be exploited on servers with content security policy disabled, possibly leading to attacks like account takeover...

CVSS 6.1 · AI score 7.1
Exploits 0 · References 1
NVD
added 2023/05/11 10:15 p.m. · 12 views

CVE-2023-28358

A vulnerability has been discovered in Rocket.Chat where a markdown parsing issue in the "Search Messages" feature allows the insertion of malicious tags. This can be exploited on servers with content security policy disabled, possibly leading to attacks like account takeover...

CVSS 6.1 · AI score 6.2 · EPSS 0.00389
Exploits 0 · References 1
Prion
added 2023/05/11 10:15 p.m. · 9 views

Design/Logic Flaw

A vulnerability has been discovered in Rocket.Chat where a markdown parsing issue in the "Search Messages" feature allows the insertion of malicious tags. This can be exploited on servers with content security policy disabled, possibly leading to attacks like account takeover...

CVSS 5.8 · AI score 6.1 · EPSS 0.00389
Exploits 0 · References 1 · Affected Software 1
Positive Technologies
added 2023/05/11 12:00 a.m. · 3 views

PT-2023-21668 · Unknown · Rocket.Chat

Name of the Vulnerable Software and Affected Versions: Rocket.Chat, affected versions not specified. Description: A markdown parsing issue in the "Search Messages" feature of Rocket.Chat allows the insertion of malicious tags. This issue can be exploited on servers with content security policy...

CVSS 6.1 · AI score 6 · EPSS 0.00389
Exploits 0 · References 6
SUSE CVE
added 2023/02/15 4:46 a.m. · 3 views

SUSE CVE-2017-7840

JavaScript can be injected into an exported bookmarks file by placing JavaScript code into user-supplied tags in saved bookmarks. If the resulting exported HTML file is later opened in a browser, this JavaScript will be executed. This could be used in social engineering and self-cross-site-scripti...

CVSS 6.1 · AI score 8.3 · EPSS 0.01143
Exploits 0 · References 4
CNNVD
added 2022/12/28 12:00 a.m. · 4 views

memos security vulnerability

memos is an open source hosted memo center with knowledge management and social features. A security vulnerability exists in versions of memos prior to 0.9.1, which stems from a flaw that allows an attacker to add malicious tags to a victim account...

CVSS 8.6 · AI score 7.2 · EPSS 0.00586
Exploits 1 · References 3
Huntr
added 2022/12/23 4:51 p.m. · 19 views

CSRF allows attacker to add malicious tags to victim account

Description: Cross-Site Request Forgery (CSRF) is an attack that forces authenticated users to submit a request to a Web application against which they are currently authenticated. CSRF attacks exploit the trust a Web application has in an authenticated user. Proof of Concept: 1. Go to...

CVSS 4.3 · AI score 1.4 · EPSS 0.00586
Exploits 1
Hacker One
added 2022/11/22 2:38 p.m. · 27 views

Rocket.Chat: Cross-Site-Scripting in "Search Messages"

Vulnerability description not provided...

CVSS 6.1 · AI score 6.2 · EPSS 0.00389
Exploits 0
Snyk
added 2022/09/29 1:47 p.m. · 1 view

Heap-based Buffer Overflow

Overview: Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the start_document function in psych_emitter.c. Passing in a malicious tags array can trigger a crash. PoC (ruby): require 'Psych'; $tags = ; puts "+ Start"; f = File.new("newfile", "w+"); emitter = Psych::Emitter.new...

CVSS 9.8 · AI score 7 · EPSS 0.04644
Exploits 3 · References 2
Hacker One
added 2019/12/13 6:10 p.m. · 119 views

Phabricator: Markdown parsing issue enables insertion of malicious tags

mongoose By exploiting the URL markdown, an attacker is able to add tags to an anchor element. This is less impactful since the default CSP policy blocks inline JavaScript execution, but an attacker could deface individual pages, bypass the rel="noreferrer" attribute to perform tab nabbing, or perform...

AI score 0.1
Exploits 0
Hacker One
added 2017/12/20 10:09 p.m. · 24 views

HackerOne: Markdown parsing issue enables insertion of malicious tags and event handlers

When markdown is being presented as HTML, there seems to be a strange interaction between and @ that lets an attacker insert malicious tags. Proof of Concept: hello is rendered/converted to the following HTML: /http:hello As you can see, the output includes a /http:marquee tag that I can add...

AI score 6.8
Exploits 0
Hacker One
added 2016/02/15 8:08 a.m. · 9 views

Gratipay: Markdown parsing issue enables insertion of malicious tags

Markdown tags and event handlers can be used to load malicious URLs in a user's profile statement. Here is the payload that, when entered in the user's profile statement, leads to the following HTML: Payload: www.attacker.com/malicious.exe Resulting HTML: "html": "www.attacker.com/malicious.exe\n" See th...

AI score 0.1
Exploits 0
FreeBSD
added 2015/04/07 12:00 a.m. · 10 views

rubygem-redcarpet -- XSS vulnerability

Daniel LeCheminant reports: When markdown is being presented as HTML, there seems to be a strange interaction between and @ that lets an attacker insert malicious tags...

AI score 1.9
Exploits 0 · References 3
myhack58
added 2006/02/18 12:00 a.m. · 9 views

Gentle killer: cross-site script attacks · vulnerability warning · Black Bar Safety Net

Gentle killer: cross-site script attack · Translation: Billi · transferred from CPCW. Part one: the several forms of cross-site script attacks. Whenever we think of hackers, the hacker is often pictured like this: a lonely man who sneaks into someone else's server, destroying or stealing someone else's secret...

AI score 6.4
Exploits 0