3 matches found
CVE-2026-39823
CVE-2026-27142 fixed a vulnerability in which URLs were not correctly escaped inside of a tag's attribute. If the URL content were to insert ASCII whitespaces around the '=' rune inside of the attribute, the escaper would fail to similarly escape it, leading to XSS...
PT-2026-7317
Name of the Vulnerable Software and Affected Versions Docmost versions prior to 0.25.0 Description Docmost is collaborative wiki and documentation software. The public share page functionality does not properly HTML-escape page titles before inserting them into meta tags and the title tag. This...
Amazon Linux 2 : thunderbird (ALAS-2022-1900)
The version of thunderbird installed on the remote host is prior to 102.4.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1900 advisory. 2024-05-09: CVE-2021-28429 was added to this advisory. Integer overflow vulnerability in avtimecodemakestring in...