6 matches found
PT-2026-46005
Name of the Vulnerable Software and Affected Versions Kimi AI version 1.0 Description A Cross Site Scripting issue exists in the 'Preview' feature of the web interface. The application does not properly sanitize or encode HTML or JavaScript payloads produced by the AI model. When a user accesses...
CVE-2025-62413
MQTTX v1.12.0 contains an XSS in the message viewer caused by improper rendering of MQTT payloads (HTML/JS). This can execute scripts in the app UI and potentially access credentials or trigger actions. The issue is fixed in v1.12.1; upgrading to 1.12.1 is the recommended remediation. The vulnera...
CVE-2025-62413 MQTTX vulnerable to cross-site scripting via improper message payload rendering
MQTTX is an MQTT 5.0 desktop client and MQTT testing tool. A Cross-Site Scripting XSS vulnerability was introduced in MQTTX v1.12.0 due to improper handling of MQTT message payload rendering. Malicious payloads containing HTML or JavaScript could be rendered directly in the MQTTX message viewer. ...
CVE-2025-62413 MQTTX vulnerable to cross-site scripting via improper message payload rendering
MQTTX is an MQTT 5.0 desktop client and MQTT testing tool. A Cross-Site Scripting XSS vulnerability was introduced in MQTTX v1.12.0 due to improper handling of MQTT message payload rendering. Malicious payloads containing HTML or JavaScript could be rendered directly in the MQTTX message viewer. ...
MQTTX 跨站脚本漏洞
MQTTX is an open source MQTT client toolkit from EMQ Technologies. A cross-site scripting vulnerability exists in MQTTX version 1.12.0, which stems from improper handling of MQTT message payload rendering and could lead to cross-site scripting attacks...
EUVD-2025-28605
Malicious code in bioql PyPI...