CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

EUVD•added 2025/11/12 7:18 p.m.•1 views

EUVD-2025-139583

Malicious code in nuilva-bavaim-mavo npm...

6.6AI score

Exploits0

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-5527

Malicious code in bioql PyPI...

8.8CVSS6.5AI score0.00571EPSS

Exploits1References3

Veracode•added 2025/03/06 5:59 a.m.•7 views

Cross-site Scripting

Mavo is vulnerable to Cross-site Scripting. The vulnerability is due to improper handling of HTML elements, allowing attackers to inject a crafted element and execute arbitrary code...

8.8CVSS7.4AI score0.00571EPSS

Exploits1References2Affected Software1

RedhatCVE•added 2025/03/05 12:56 a.m.•4 views

CVE-2024-53388

A DOM Clobbering vulnerability in mavo v0.3.2 allows attackers to execute arbitrary code via supplying a crafted HTML element...

8.8CVSS7.4AI score0.00571EPSS

Exploits1References1

Github Security Blog•added 2025/03/03 6:31 p.m.•7 views

mavo DOM Clobbering vulnerability

A DOM Clobbering vulnerability in mavo v0.3.2 allows attackers to execute arbitrary code via supplying a crafted HTML element...

8.8CVSS7.8AI score0.00571EPSS

Exploits1References3Affected Software1

OSV•added 2025/03/03 6:31 p.m.•5 views

GHSA-3MF5-R4HG-HFX9 mavo DOM Clobbering vulnerability

A DOM Clobbering vulnerability in mavo v0.3.2 allows attackers to execute arbitrary code via supplying a crafted HTML element...

6.9CVSS7.1AI score0.00571EPSS

Exploits1References3

OSV•added 2025/03/03 5:15 p.m.•1 views

CVE-2024-53388

A DOM Clobbering vulnerability in mavo v0.3.2 allows attackers to execute arbitrary code via supplying a crafted HTML element...

8.8CVSS6.1AI score0.00571EPSS

Exploits1References1

NVD•added 2025/03/03 5:15 p.m.•6 views

CVE-2024-53388

A DOM Clobbering vulnerability in mavo v0.3.2 allows attackers to execute arbitrary code via supplying a crafted HTML element...

8.8CVSS0.00571EPSS

Exploits1References1

CVE•added 2025/03/03 12:0 a.m.•45 views

CVE-2024-53388

The CVE-2024-53388 entry describes a DOM Clobbering vulnerability in the Mavo project, specifically version v0.3.2, where an attacker can cause arbitrary code execution by supplying a crafted HTML element. This is corroborated across multiple connected records (Red Hat, GitHub GHSA advisory, OSV,...

8.8CVSS7.6AI score0.00571EPSS

Exploits1References1Affected Software1

Cvelist•added 2025/03/03 12:0 a.m.•9 views

CVE-2024-53388

A DOM Clobbering vulnerability in mavo v0.3.2 allows attackers to execute arbitrary code via supplying a crafted HTML element...

0.00571EPSS

Exploits1References1

Vulnrichment•added 2025/03/03 12:0 a.m.•5 views

CVE-2024-53388

A DOM Clobbering vulnerability in mavo v0.3.2 allows attackers to execute arbitrary code via supplying a crafted HTML element...

7.2AI score0.00571EPSS

Exploits1References1

CNNVD•added 2025/03/03 12:0 a.m.•2 views

Mavo 跨站脚本漏洞

Mavo is a framework from the Mavo open source. A security vulnerability exists in Mavo version v0.3.2, which stems from DOM Clobbering and allows execution of arbitrary code via specially crafted HTML elements...

8.8CVSS7.2AI score0.00571EPSS

Exploits1References3

seebug.org•added 2018/02/27 12:0 a.m.•59 views

mavo中noscript xss的安全绕过

首先，我们可以利用noscript不会对跟随字母数字的函数进行检测的特性，把函数与anchor属性的值结合以躲避检测。 mavoscript作为javascript的扩展，并不支持此类操作，所以我们需要将mavoscript转化为javascript模式。从mavoscript的语法中可知，当mavo遇到无效的mavoscript时，它就会将无效的mavoscript当作javascript来处理。 //X=＇javascript ＇//X+=＇：alert＇+ y.rel + y.title test...

0.7AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by