13 matches found
EUVD-2019-4051
Malware in sbrugna...
EUVD-2024-2958
Malicious code in bioql PyPI...
EUVD-2025-30714
Malicious code in bioql PyPI...
EUVD-2022-27717
Malicious code in bioql PyPI...
CVE-2025-2254
An issue has been discovered in GitLab CE/EE affecting all versions from 17.9 before 17.10.8, 17.11 before 17.11.4, and 18.0 before 18.0.2. Improper output encoding in the snipper viewer functionality lead to Cross-Site scripting attacks...
CVE-2025-2254 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 17.9 before 17.10.8, 17.11 before 17.11.4, and 18.0 before 18.0.2. Improper output encoding in the snipper viewer functionality lead to Cross-Site scripting attacks...
CVE-2019-5471
An input validation and output encoding issue was discovered in the GitLab email notification feature which could result in a persistent XSS. This was addressed in GitLab 12.1.2, 12.0.4, and 11.11.6...
CVE-2024-10441
Improper encoding or escaping of output vulnerability in the system plugin daemon in Synology BeeStation OS BSM before 1.1-65374 and Synology DiskStation Manager DSM before 7.2-64570-4, 7.2.1-69057-6 and 7.2.2-72806-1 allows remote attackers to execute arbitrary code via unspecified vectors...
CVE-2024-56277 WordPress Poll Maker Plugin < 5.5.5 - HTML Injection vulnerability
Improper Encoding or Escaping of Output vulnerability in Ays Pro Poll Maker poll-maker.This issue affects Poll Maker: from n/a through 5.5.5...
CVE-2024-8179
CVE-2024-8179 affects GitLab CE/EE, specifically versions 17.3 before 17.4.6, 17.5 before 17.5.4, and 17.6 before 17.6.2. The issue is caused by improper output encoding that can lead to cross-site scripting (XSS) if CSP is not enabled. The vulnerability is scoped to the web page generation path ...
CVE-2023-3190
Improper Encoding or Escaping of Output in GitHub repository nilsteampassnet/teampass prior to 3.0.9...
WSO2 多个产品跨站脚本漏洞
WSO2 API Manager and others are products of WSO2, Inc.WSO2 API Manager is an API lifecycle management solution.WSO2 Dashboard Server is a dashboard server.WSO2 Identity Server IS is an identity server. A security vulnerability exists in several WSO2 products that stems from incorrect output...
Wordpress WP Customer Reviews Cross-Site Scripting Vulnerability
Wordpress WP Customer Reviews is a Wordpress open source application plugin. A cross-site scripting vulnerability exists in the WP Customer Reviews WordPress plugin versions prior to 3.4.3. The vulnerability stems from the program not properly validating input and not encoding output. An attacker...