8 matches found
EUVD-2025-23939
Malicious code in bioql PyPI...
CVE-2025-51629
A cross-site scripting XSS vulnerability in the PdfViewer component of Agenzia Impresa Eccobook 2.81.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Temp parameter...
CVE-2025-51629
A cross-site scripting XSS vulnerability in the PdfViewer component of Agenzia Impresa Eccobook 2.81.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Temp parameter...
Agenzia Impresa EccoBook 安全漏洞
Agenzia Impresa EccoBook is a ledger software from Agenzia Impresa, Italy. A security vulnerability exists in Agenzia Impresa EccoBook version 2.81.1, which stems from the improper handling of the Temp parameter by the PdfViewer component, which could lead to a cross-site scripting attack...
PT-2025-32293 · Unknown · Agenzia Impresa Eccobook
Name of the Vulnerable Software and Affected Versions: Agenzia Impresa Eccobook version 2.81.1 Description: A cross-site scripting XSS vulnerability exists in the PdfViewer component. This allows attackers to execute arbitrary web scripts or HTML by injecting a crafted payload into the Temp...
CVE-2025-6725
In the PdfViewer component, a Cross-Site Scripting XSS vulnerability is possible if a specially-crafted document has already been loaded and the user engages with a tool that requires the DOM to be re-rendered...
CVE-2025-6725 Cross-Site Scripting (XSS) in PdfViewer
In the PdfViewer component, a Cross-Site Scripting XSS vulnerability is possible if a specially-crafted document has already been loaded and the user engages with a tool that requires the DOM to be re-rendered...
CVE-2025-6725
CVE-2025-6725 is a Cross-Site Scripting (XSS) vulnerability reported in the PdfViewer component across Progress Telerik UI products (e.g., UI for ASP.NET Core/Blazor/ASP.NET MVC, Kendo UI for React/Angular/jQuery). The root cause, as described in the initial materials, is insufficient validation ...