4 matches found
CVE-2026-11975
Stored cross-site scripting XSS in NewsItemApiController In SimplCommerce prior to commit 6142d3b5 allows an authenticated administrator to execute arbitrary JavaScript via the ShortContent and FullContent fields, which are stored without HTML sanitization and rendered unencoded via @Html.Raw...
CVE-2026-11975
CVE-2026-11975 : In SimplCommerce, stored XSS occurs in the NewsItemApiController before commit 6142d3b5, allowing an authenticated administrator to inject JavaScript via ShortContent and FullContent that are stored without HTML sanitization and rendered with Html.Raw(). Affected: News module adm...
MAL-2022-808 Malicious code in abu-news-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b0e3522803d9a80fcb186ab8177b4349b1fd1ede2f311d263455a07bdf492bfb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in abu-news-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b0e3522803d9a80fcb186ab8177b4349b1fd1ede2f311d263455a07bdf492bfb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...