Malicious code in @cewe-designsystem/component_modal (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fdba0177e300dffd060ffb2a66eb4f6c09d777ee521bbbbe3d60b9d59a98c5ca Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

TYPO3 Cross-Site Scripting in Backend Modal Component

Failing to properly encode user input, notifications shown in modal windows in the TYPO3 backend are vulnerable to cross-site scripting. A valid backend user account is needed in order to exploit this vulnerability...

TYPO3 Cross-Site Scripting in Backend Modal Component

Failing to properly encode user input, notifications shown in modal windows in the TYPO3 backend are vulnerable to cross-site scripting. A valid backend user account is needed in order to exploit this vulnerability...

GHSA-HPFQ-8WX8-CGQW Cross-Site Scripting in ids-enterprise

Versions of ids-enterprise prior to 4.18.2 are vulnerable to Cross-Site Scripting XSS. The modal component fails to sanitize input to the title attribute, which may allow attackers to execute arbitrary JavaScript. Recommendation Upgrade to version 4.18.2 or later...

Cross-Site Scripting

Overview Versions of ids-enterprise prior to 4.18.2 are vulnerable to Cross-Site Scripting XSS. The modal component fails to sanitize input to the title attribute, which may allow attackers to execute arbitrary JavaScript. Recommendation Upgrade to version 4.18.2 or later References - GitHub Issu...