Lucene search
K

5 matches found

NVD
NVD
added 2026/06/17 10:16 p.m.12 views

CVE-2026-54386

marimo before 0.23.9 contains a reflected cross-site scripting vulnerability in the notebook page that allows unauthenticated attackers to inject arbitrary JavaScript by exploiting improper escaping of single quotes in the file query parameter reflected into an inline JavaScript string literal...

6.1CVSS0.00239EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.14 views

PT-2026-50557

Name of the Vulnerable Software and Affected Versions marimo versions prior to 0.23.9 Description A reflected cross-site scripting issue exists in the notebook page. Unauthenticated attackers can inject arbitrary JavaScript by exploiting improper escaping of single quotes in the file query...

6.1CVSS5.1AI score0.00239EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2021-30547

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.01776EPSS
Exploits1References3
NVD
NVD
added 2022/02/04 6:15 p.m.8 views

CVE-2021-43635

A Cross Site Scripting XSS vulnerability exists in Codex before 1.4.0 via Notebook/Page name field, which allows malicious users to execute arbitrary code via a crafted http code in a .json file...

6.1CVSS0.01776EPSS
Exploits1References3
Prion
Prion
added 2022/02/04 6:15 p.m.17 views

Cross site scripting

A Cross Site Scripting XSS vulnerability exists in Codex before 1.4.0 via Notebook/Page name field, which allows malicious users to execute arbitrary code via a crafted http code in a .json file...

4.3CVSS5.9AI score0.01776EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder