6 matches found
EUVD-2026-38112
Nuxt before 4.4.7 and the 3.x branch before 3.21.7 contains a cross-site scripting vulnerability in the NoScript component that writes slot content to innerHTML without escaping. Attackers can inject malicious scripts through untrusted data in NoScript slots, such as route.query parameters, which...
CVE-2026-56317
CVE-2026-56317 affects Nuxt before 4.4.7 and the 3.x branch before 3.21.7. The NoScript component writes slot content to innerHTML without escaping, enabling cross-site scripting via untrusted data in NoScript slots (e.g., route.query parameters). Impact is XSS in pages rendering NoScript content...
Cross-site Scripting (XSS)
Overview org.webjars.npm:nuxt is a Affected versions of this package are vulnerable to Cross-site Scripting XSS via the NoScript component when untrusted input is interpolated into its slot content. An attacker can inject malicious HTML or scripts by supplying specially crafted data that is...
The “elegance”of Linux vulnerabilities: rare ways to bypass the ASLR and DEP protection mechanisms-vulnerability warning-the black bar safety net
! The recent foreign researchers published a exp code in the finished patch to the Fedora and other Linux system on the drive-by attacks, in order to install keyloggers, backdoors and other malicious software. This exp is for the GStreamer framework in a memory-corruption vulnerability that...
Twitter Fixes Bug that Enabled Takeover of Any Account
Security researcher Henry Hoggard recently discovered a cross site request forgery CSRF vulnerability in Twitter’s “add a mobile device” feature, giving him the ability to read direct messages and tweet from any account. Hoggard, a security researcher at MWRInfosecurity, told Threatpost via email...
Browser is Firefox under attack skills summary-vulnerability warning-the black bar safety net
A Key Logger // First in Mozilla Firefox use addEventListener for keypress event to register an event handler, here is the onkey function, in order to achieve the keyboard record function. document. addEventListener"keypress", onkey,false; var keys="; function onkeye keyss += String. fromCharCode...