CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-6572

Malicious code in bioql PyPI...

9.8CVSS7.9AI score0.00745EPSS

Exploits1References4

RedhatCVE•added 2025/02/05 9:21 p.m.•4 views

CVE-2022-2932

Cross-site Scripting XSS - Reflected in GitHub repository bustle/mobiledoc-kit prior to 0.14.2...

9.8CVSS6AI score0.00745EPSS

Exploits1References1

BDU FSTEC•added 2022/08/26 12:0 a.m.•3 views

The vulnerability of the WYSIWYG editor in the Mobiledoc Kit exists due to the lack of measures taken to protect the structure of web pages. This allows attackers to execute XSS attacks.

The vulnerability of the Mobiledoc Kit WYSIWYG editor exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

10CVSS7AI score0.00745EPSS

Exploits1References3Affected Software1

vulnersOsv•added 2022/08/23 12:0 a.m.•3 views

@boundless-inc/ember-mobiledoc-editor (=0.5.13-boundless), @cardstack/mobiledoc (>=0.0.1 <=0.13.50) +19 more potentially affected by CVE-2022-2932 via mobiledoc-kit (>=0.10.15 <=0.12.5)

mobiledoc-kit NPM version =0.10.15, =0.0.1, =0.0.29, =0.1.0, =0.1.22, =0.1.6, =0.0.2, =0.4.4, =0.14.3, =0.6.3, =0.1.18, =0.0.14, =0.7.5, =0.5.0, =0.7.0 and more Source cves: CVE-2022-2932 Source advisory: OSV:GHSA-HW2P-XQHQ-3MJF...

9.8CVSS6.9AI score0.00745EPSS

Exploits1

OSV•added 2022/08/23 12:0 a.m.•12 views

GHSA-HW2P-XQHQ-3MJF Cross site scripting in mobiledoc-kit

Cross-site Scripting XSS - Reflected in GitHub repository bustle/mobiledoc-kit prior to 0.14.2...

6.1CVSS6AI score0.00745EPSS

Exploits1References4

Github Security Blog•added 2022/08/23 12:0 a.m.•26 views

Cross site scripting in mobiledoc-kit

Cross-site Scripting XSS - Reflected in GitHub repository bustle/mobiledoc-kit prior to 0.14.2...

9.8CVSS5.9AI score0.00745EPSS

Exploits1References4Affected Software1

ATTACKERKB•added 2022/08/22 2:15 p.m.•2 views

CVE-2022-2932

Cross-site Scripting XSS - Reflected in GitHub repository bustle/mobiledoc-kit prior to 0.14.2...

9.8CVSS5.9AI score0.00745EPSS

Exploits1References3

NVD•added 2022/08/22 2:15 p.m.•8 views

CVE-2022-2932

Cross-site Scripting XSS - Reflected in GitHub repository bustle/mobiledoc-kit prior to 0.14.2...

9.8CVSS0.00745EPSS

Exploits1References2

Cvelist•added 2022/08/22 1:35 p.m.•12 views

CVE-2022-2932 Cross-site Scripting (XSS) - Reflected in bustle/mobiledoc-kit

Cross-site Scripting XSS - Reflected in GitHub repository bustle/mobiledoc-kit prior to 0.14.2...

9.8CVSS6.2AI score0.00745EPSS

Exploits1References2

OSV•added 2022/08/22 1:35 p.m.•10 views

CVE-2022-2932 Cross-site Scripting (XSS) - Reflected in bustle/mobiledoc-kit

Cross-site Scripting XSS - Reflected in GitHub repository bustle/mobiledoc-kit prior to 0.14.2...

9.8CVSS8.3AI score0.00745EPSS

Exploits1References4

CVE•added 2022/08/22 1:35 p.m.•47 views

CVE-2022-2932

CVE-2022-2932 is a reflected XSS in mobiledoc-kit before 0.14.2. Public sources (GitHub/bustle/mobiledoc-kit, OSVGHSA, NVD) consistently describe the vulnerability as a client-side XSS via input processed by the library’s rendering chain, with the likely root cause in URL sanitization logic in th...

9.8CVSS6.2AI score0.00745EPSS

Exploits1References2Affected Software1

CNNVD•added 2022/08/22 12:0 a.m.•2 views

mobiledoc-kit 跨站脚本漏洞

mobiledoc-kit is an American Bustle open source toolkit for building WYSIWYG editors using Mobiledoc. A cross-site scripting vulnerability exists in versions of mobiledoc-kit prior to 0.14.2. An attacker could exploit this vulnerability to perform cross-site scripting attacks...

9.8CVSS7.3AI score0.00745EPSS

Exploits1References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by