5 matches found
CVE-2026-53741 Simple Link Directory through 9.0.4 Stored XSS via sld_no_results_found Option
Simple Link Directory through 9.0.4 interpolates the sldnoresultsfound option into a JavaScript string literal without encoding. Because sanitizetextfield leaves quotes intact, a stored payload breaks out of the string and runs script for every page visitor...
CVE-2026-53741
CVE-2026-53741 affects Simple Link Directory up to version 9.0.4. The root cause is that the sld_no_results_found option is interpolated into a JavaScript string literal without encoding. Because sanitize_text_field leaves quotes intact, a stored payload can break out of the string and execute sc...
CVE-2026-53741 Simple Link Directory through 9.0.4 Stored XSS via sld_no_results_found Option
Simple Link Directory through 9.0.4 interpolates the sldnoresultsfound option into a JavaScript string literal without encoding. Because sanitizetextfield leaves quotes intact, a stored payload breaks out of the string and runs script for every page visitor...
CVE-2021-26722
LinkedIn Oncall through 1.4.0 allows reflected XSS via /query because of mishandling of the "No results found for" message in the search bar...
Linkedin Oncall 跨站脚本漏洞
Linkedin Oncall is the United States Linkedin company based on Python language can be used to manage the calendar planning platform of the building system. A security vulnerability exists in Linkedin Oncall versions 1.4.0 and earlier, which stems from the mishandling of the "No results found"...