8 matches found
CVE-2026-47345
Namespace attributes are not encoded correctly during HTML serialization. This allows bypassing the cross-site scripting prevention mechanism of typo3/html-sanitizer before version 2.3.2...
CVE-2026-47345
The CVE-2026-47345 issue affects the TYPO3 html-sanitizer component prior to version 2.3.2, where namespace attributes are not encoded correctly during HTML serialization, enabling bypass of the built-in XSS prevention. The underlying impact is a cross-site scripting risk in affected TYPO3 deploy...
CVE-2026-47345
Namespace attributes are not encoded correctly during HTML serialization. This allows bypassing the cross-site scripting prevention mechanism of typo3/html-sanitizer before version 2.3.2...
CVE-2026-47345 TYPO3 HTML Sanitizer allows Cross-Site Scripting
Namespace attributes are not encoded correctly during HTML serialization. This allows bypassing the cross-site scripting prevention mechanism of typo3/html-sanitizer before version 2.3.2...
CVE-2026-47345 TYPO3 HTML Sanitizer allows Cross-Site Scripting
Namespace attributes are not encoded correctly during HTML serialization. This allows bypassing the cross-site scripting prevention mechanism of typo3/html-sanitizer before version 2.3.2...
EUVD-2026-35192
Namespace attributes are not encoded correctly during HTML serialization. This allows bypassing the cross-site scripting prevention mechanism of typo3/html-sanitizer before version 2.3.2...
PT-2026-47449
Namespace attributes are not encoded correctly during HTML serialization. This allows bypassing the cross-site scripting prevention mechanism of typo3/html-sanitizer before version 2.3.2...
CVE-2013-5878
Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded 7u45, and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security. NOTE: the previous information is from the January 2014 CPU. Oracle has not...