Lucene search
K

6 matches found

EUVD
EUVD
added 2026/06/20 3:21 p.m.7 views

EUVD-2026-38112

Nuxt before 4.4.7 and the 3.x branch before 3.21.7 contains a cross-site scripting vulnerability in the NoScript component that writes slot content to innerHTML without escaping. Attackers can inject malicious scripts through untrusted data in NoScript slots, such as route.query parameters, which...

2.3CVSS5.7AI score0.00209EPSS
Exploits0References4
CVE
CVE
added 2026/06/20 3:21 p.m.19 views

CVE-2026-56317

CVE-2026-56317 affects Nuxt before 4.4.7 and the 3.x branch before 3.21.7. The NoScript component writes slot content to innerHTML without escaping, enabling cross-site scripting via untrusted data in NoScript slots (e.g., route.query parameters). Impact is XSS in pages rendering NoScript content...

6.1CVSS5.7AI score0.00209EPSS
Exploits0References4Affected Software1
Snyk
Snyk
added 2026/06/16 11:38 p.m.9 views

Cross-site Scripting (XSS)

Overview org.webjars.npm:nuxt is a Affected versions of this package are vulnerable to Cross-site Scripting XSS via the NoScript component when untrusted input is interpolated into its slot content. An attacker can inject malicious HTML or scripts by supplying specially crafted data that is...

6.1CVSS5.9AI score0.00209EPSS
Exploits0References2
myhack58
myhack58
added 2016/11/28 12:0 a.m.38 views

The “elegance”of Linux vulnerabilities: rare ways to bypass the ASLR and DEP protection mechanisms-vulnerability warning-the black bar safety net

! The recent foreign researchers published a exp code in the finished patch to the Fedora and other Linux system on the drive-by attacks, in order to install keyloggers, backdoors and other malicious software. This exp is for the GStreamer framework in a memory-corruption vulnerability that...

0.2AI score
Exploits0
ThreatPost
ThreatPost
added 2013/11/06 2:36 p.m.9 views

Twitter Fixes Bug that Enabled Takeover of Any Account

Security researcher Henry Hoggard recently discovered a cross site request forgery CSRF vulnerability in Twitter’s “add a mobile device” feature, giving him the ability to read direct messages and tweet from any account. Hoggard, a security researcher at MWRInfosecurity, told Threatpost via email...

7.9AI score
Exploits0References2
myhack58
myhack58
added 2011/12/14 12:0 a.m.45 views

Browser is Firefox under attack skills summary-vulnerability warning-the black bar safety net

A Key Logger // First in Mozilla Firefox use addEventListener for keypress event to register an event handler, here is the onkey function, in order to achieve the keyboard record function. document. addEventListener"keypress", onkey,false; var keys="; function onkeye keyss += String. fromCharCode...

7.4AI score
Exploits0
Rows per page
Query Builder