17 matches found
EUVD-2025-11540
Malicious code in bioql PyPI...
EUVD-2025-29050
Malicious code in bioql PyPI...
CVE-2025-55996
Viber Desktop 25.6.0 is vulnerable to HTML Injection via the text parameter of the message compose/forward interface...
CVE-2025-55996
Viber Desktop 25.6.0 is vulnerable to HTML Injection via the text parameter of the message compose/forward interface...
Rakuten Viber Desktop 安全漏洞
Rakuten Viber Desktop is an instant messaging software from Viber Luxembourg. A security vulnerability exists in Rakuten Viber Desktop version 25.6.0, which stems from improper handling of text parameters in the message compose or forward interface, which could lead to an HTML injection attack...
CVE-2025-55996
Viber Desktop 25.6.0 is vulnerable to HTML Injection via the text parameter of the message compose/forward interface...
CVE-2025-55996
Viber Desktop 25.6.0 is vulnerable to HTML Injection via the text parameter of the message compose/forward interface...
PT-2025-37322
Name of the Vulnerable Software and Affected Versions: Viber Desktop version 25.6.0 Description: Viber Desktop version 25.6.0 is susceptible to HTML Injection through the text parameter within the message compose/forward interface. Recommendations: As a temporary workaround, sanitize the text...
CVE-2025-55996
Viber Desktop 25.6.0 is affected by a HTML Injection vulnerability caused by improper handling of the text parameter in the message compose/forward interface. The issue can be triggered via the text field and has a CVSSv3.1 base score of 6.3 (Medium) with NETWORK attack vector, requiring user int...
CVE-2025-26153
A Stored XSS vulnerability exists in the message compose feature of Chamilo LMS 1.11.28. Attackers can inject malicious scripts into messages, which execute when victims, such as administrators, reply to the message...
CVE-2025-26153
A Stored XSS vulnerability exists in the message compose feature of Chamilo LMS 1.11.28. Attackers can inject malicious scripts into messages, which execute when victims, such as administrators, reply to the message...
CVE-2025-26153
A Stored XSS vulnerability exists in the message compose feature of Chamilo LMS 1.11.28. Attackers can inject malicious scripts into messages, which execute when victims, such as administrators, reply to the message...
CVE-2025-26153
A Stored XSS vulnerability exists in the message compose feature of Chamilo LMS 1.11.28. Attackers can inject malicious scripts into messages, which execute when victims, such as administrators, reply to the message...
CVE-2025-26153
A Stored XSS vulnerability exists in the message compose feature of Chamilo LMS 1.11.28. Attackers can inject malicious scripts into messages, which execute when victims, such as administrators, reply to the message...
CVE-2025-26153
CVE-2025-26153 describes a stored XSS in Chamilo LMS 1.11.28, specifically in the message compose feature. The vulnerability allows an attacker to inject malicious scripts into messages, which execute when recipients (e.g., administrators) reply to the message. The available documents consistentl...
CVE-2022-3033
If a Thunderbird user replied to a crafted HTML email containing a meta tag, with the meta tag having the http-equiv="refresh" attribute, and the content attribute specifying an URL, then Thunderbird started a network request to that URL, regardless of the configuration to block remote content. I...
UBUNTU-CVE-2022-3033
If a Thunderbird user replied to a crafted HTML email containing a meta tag, with the meta tag having the http-equiv="refresh" attribute, and the content attribute specifying an URL, then Thunderbird started a network request to that URL, regardless of the configuration to block remote content. I...