Lucene search
K

4 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in node-body-parser

body-parser is a Node.js body parsing middleware. body-parser version 1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. This issue has...

7.5CVSS7AI score0.00824EPSS
Exploits1References1
Snyk
Snyk
added 2026/05/29 2:7 p.m.6 views

Cross-site Scripting (XSS)

Overview @haxtheweb/haxcms-nodejs is a HAXcms nodejs backend Affected versions of this package are vulnerable to Cross-site Scripting XSS via the saveNode endpoint due to insufficient sanitization of the node.body parameter, allowing event handler attributes without whitespace to bypass the HTML...

8.7CVSS5.4AI score0.00228EPSS
Exploits0References2
Prion
Prion
added 2009/06/16 7:30 p.m.12 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Booktree 5.x before 5.x-7.3 and 6.x before 6.x-1.1, a module for Drupal, allow remote attackers to inject arbitrary web script or HTML via the 1 node title and 2 node body in a tree root page...

4.3CVSS6.1AI score0.01065EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2009/06/16 7:0 p.m.17 views

CVE-2009-2078

Multiple cross-site scripting XSS vulnerabilities in Booktree 5.x before 5.x-7.3 and 6.x before 6.x-1.1, a module for Drupal, allow remote attackers to inject arbitrary web script or HTML via the 1 node title and 2 node body in a tree root page...

5.8AI score0.01065EPSS
Exploits0References5
Rows per page
Query Builder