12 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-33347
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - league/commonmark is a PHP Markdown parser. From version 2.3.0 to before version 2.8.2, the DomainFilteringAdapter in the Embed extension is vulnerable to an...
EUVD-2022-5057
Malicious code in bioql PyPI...
CVE-2018-20583
Cross-site scripting XSS vulnerability in the PHP League CommonMark library versions 0.15.6 through 0.18.x before 0.18.1 allows remote attackers to insert unsafe URLs into HTML even if allowunsafelinks is false via a newline character e.g., writing javascript as javascri%0apt...
CVE-2019-10010
Cross-site scripting XSS vulnerability in the PHP League CommonMark library before 0.18.3 allows remote attackers to insert unsafe links into HTML by using double-encoded HTML entities that are not properly escaped during rendering, a different vulnerability than CVE-2018-20583...
GHSA-QX76-C53F-5C7Q PHP League CommonMark vulnerable to Cross-Site Scripting (XSS)
Cross-site scripting XSS vulnerability in the PHP League CommonMark library versions 0.15.6 through 0.18.x before 0.18.1 allows remote attackers to insert unsafe URLs into HTML even if allowunsafelinks is false via a newline character e.g., writing javascript as javascri%0apt...
PHP League CommonMark library cross-site scripting vulnerability
PHP League CommonMark library is a PHP-based Markdown parser from the Extraordinary Packages consortium. A cross-site scripting vulnerability exists in PHP League CommonMark library versions prior to 0.18.3, which stems from the program failing to properly escape double-encoded HTML entities. A...
CVE-2019-10010
Cross-site scripting XSS vulnerability in the PHP League CommonMark library before 0.18.3 allows remote attackers to insert unsafe links into HTML by using double-encoded HTML entities that are not properly escaped during rendering, a different vulnerability than CVE-2018-20583...
commonmark cross-site scripting vulnerability
PHP League CommonMark library is a PHP-based Markdown parser. A cross-site scripting vulnerability exists in PHP League CommonMark library versions 0.15.6 through 0.18.1 and earlier. A remote attacker can exploit this vulnerability by injecting insecure URLs into HTML using line breaks...
CVE-2018-20583
Cross-site scripting XSS vulnerability in the PHP League CommonMark library versions 0.15.6 through 0.18.x before 0.18.1 allows remote attackers to insert unsafe URLs into HTML even if allowunsafelinks is false via a newline character e.g., writing javascript as javascri%0apt...
Cross site scripting
Cross-site scripting XSS vulnerability in the PHP League CommonMark library versions 0.15.6 through 0.18.x before 0.18.1 allows remote attackers to insert unsafe URLs into HTML even if allowunsafelinks is false via a newline character e.g., writing javascript as javascri%0apt...
CVE-2018-20583
Cross-site scripting XSS vulnerability in the PHP League CommonMark library versions 0.15.6 through 0.18.x before 0.18.1 allows remote attackers to insert unsafe URLs into HTML even if allowunsafelinks is false via a newline character e.g., writing javascript as javascri%0apt...
CVE-2018-20583
Cross-site scripting XSS vulnerability in the PHP League CommonMark library versions 0.15.6 through 0.18.x before 0.18.1 allows remote attackers to insert unsafe URLs into HTML even if allowunsafelinks is false via a newline character e.g., writing javascript as javascri%0apt...