50 matches found
CVE-2026-42877 FacturaScripts: Stored XSS via product reference in sales/purchases
FacturaScripts is an open source accounting and invoicing software. In 2025.92 and earlier, a stored Cross-Site Scripting XSS vulnerability exists in the product search modal of sales Core/Lib/AjaxForms/SalesModalHTML.php and purchases documents Core/Lib/AjaxForms/PurchasesModalHTML.php. An...
EUVD-2026-32630
FacturaScripts is an open source accounting and invoicing software. In 2025.92 and earlier, a stored Cross-Site Scripting XSS vulnerability exists in the product search modal of sales Core/Lib/AjaxForms/SalesModalHTML.php and purchases documents Core/Lib/AjaxForms/PurchasesModalHTML.php. An...
FacturaScripts 跨站脚本漏洞
FacturaScripts is an open-source ERP software developed by Carlos Garcia, a Spanish developer. Versions of FacturaScripts prior to 2025.92 contained a cross-site scripting vulnerability. This vulnerability stemmed from a stored-cross-site scripting vulnerability present in the product search moda...
mailcow: dockerized 跨站脚本漏洞
mailcow: dockerized is a dockerized version of the mailcow open-source application. Versions of mailcow before 2026-03b contained a cross-site scripting vulnerability. This vulnerability stemmed from the fact that the isolated details modal boxes did not escape the attachment file names, allowing...
Malicious code in @modals/blockchain (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9883b4336552c287c2c3ed9bb5888cc22173cd8b39fd181552f858607f0ffa70 The package @modals/blockchain was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-2018 Malicious code in @modals/blockchain (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9883b4336552c287c2c3ed9bb5888cc22173cd8b39fd181552f858607f0ffa70 The package @modals/blockchain was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in @modals/layout (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2dd7a47296a1be165b33bf8cc140bf4b6b004025557cfb22a0b75c4ec8eea864 The package @modals/layout was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-2019 Malicious code in @modals/layout (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2dd7a47296a1be165b33bf8cc140bf4b6b004025557cfb22a0b75c4ec8eea864 The package @modals/layout was found to contain malicious code. Source: ossf-package-analysis...
CVE-2026-24415
OpenSTAManager is an open source management software for technical assistance and invoicing. OpenSTAManager v2.9.8 and earlier contains Reflected XSS vulnerabilities in invoice/order/contract modification modals. The application fails to properly sanitize user-supplied input from the righe GET...
CVE-2026-24415
OpenSTAManager is an open source management software for technical assistance and invoicing. OpenSTAManager v2.9.8 and earlier contains Reflected XSS vulnerabilities in invoice/order/contract modification modals. The application fails to properly sanitize user-supplied input from the righe GET...
CVE-2026-24415
OpenSTAManager is an open source management software for technical assistance and invoicing. OpenSTAManager v2.9.8 and earlier contains Reflected XSS vulnerabilities in invoice/order/contract modification modals. The application fails to properly sanitize user-supplied input from the righe GET...
OpenSTAManager 跨站脚本漏洞
OpenSTAManager is an open-source management software for technical assistance and billing developed by Devcode. Versions of OpenSTAManager prior to v2.9.8 contained a cross-site scripting vulnerability. This vulnerability stemmed from improper cleaning of the righe GET parameters in the modal box...
Malicious Package
Overview @afg-ikea/ikea-modals is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in @afg-ikea/ikea-modals (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec5202678b3acce22244ccd41e821e68167ca297f94450cb3b5debeac9ec2c50 The package @afg-ikea/ikea-modals was found to contain malicious code. Source: ghsa-malware...
MAL-2026-519 Malicious code in @afg-ikea/ikea-modals (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec5202678b3acce22244ccd41e821e68167ca297f94450cb3b5debeac9ec2c50 The package @afg-ikea/ikea-modals was found to contain malicious code. Source: ghsa-malware...
CVE-2025-62095
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in neilgee Bootstrap Modals bootstrap-modals allows Stored XSS.This issue affects Bootstrap Modals: from n/a through = 1.3.2...
CVE-2025-62095
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in neilgee Bootstrap Modals bootstrap-modals allows Stored XSS.This issue affects Bootstrap Modals: from n/a through = 1.3.2...
CVE-2025-62095 WordPress Bootstrap Modals plugin <= 1.3.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in neilgee Bootstrap Modals bootstrap-modals allows Stored XSS.This issue affects Bootstrap Modals: from n/a through = 1.3.2...
EUVD-2025-205958
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Neilgee Bootstrap Modals allows Stored XSS.This issue affects Bootstrap Modals: from n/a through 1.3.2...
CVE-2025-62095 WordPress Bootstrap Modals plugin <= 1.3.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in neilgee Bootstrap Modals bootstrap-modals allows Stored XSS.This issue affects Bootstrap Modals: from n/a through = 1.3.2...