12 matches found
EUVD-2025-11952
Malicious code in bioql PyPI...
CVE-2025-43954
QMarkdown aka quasar-ui-qmarkdown before 2.0.5 allows XSS via headers even when when no-html is set...
QMarkdown Cross-Site Scripting (XSS) vulnerability
QMarkdown aka quasar-ui-qmarkdown before 2.0.5 allows XSS via headers even when when no-html is set...
@quasar/quasar-app-extension-qmarkdown (>=1.0.0 <=1.4.4), @sourcedigital/jsonforms-vue2-quasar-v1 (>=0.1.3 <=0.1.5) +8 more potentially affected by CVE-2025-43954 via @quasar/quasar-ui-qmarkdown (=1.4.4)
@quasar/quasar-ui-qmarkdown NPM version =1.4.4 is affected by a known vulnerability. The following packages have a transitive dependency on @quasar/quasar-ui-qmarkdown and may be impacted: - @quasar/quasar-app-extension-qmarkdown =1.0.0, =0.1.3, =0.0.1, =0.10.7, =0.0.1, =0.0.3, =0.0.1, =0.10.2,...
GHSA-WM65-PH3W-587C QMarkdown Cross-Site Scripting (XSS) vulnerability
QMarkdown aka quasar-ui-qmarkdown before 2.0.5 allows XSS via headers even when when no-html is set...
CVE-2025-43954
QMarkdown aka quasar-ui-qmarkdown before 2.0.5 allows XSS via headers even when when no-html is set...
CVE-2025-43954
QMarkdown aka quasar-ui-qmarkdown before 2.0.5 allows XSS via headers even when when no-html is set...
QMarkdown 安全漏洞
QMarkdown is an open source Quasar UI application extension for Quasar Framework to display inline markup. A security vulnerability exists in QMarkdown versions prior to 2.0.5, which stems from a cross-site scripting attack that can be caused by headers even if no-html is set...
PT-2025-17414 · Markdown · Qmarkdown
Name of the Vulnerable Software and Affected Versions: QMarkdown aka quasar-ui-qmarkdown versions prior to 2.0.5 Description: The issue allows for XSS via headers, even when the no-html option is set. This could potentially lead to malicious script execution. Recommendations: For versions prior t...
CVE-2025-43954
QMarkdown aka quasar-ui-qmarkdown before 2.0.5 allows XSS via headers even when when no-html is set...
CVE-2025-43954
QMarkdown (quasar-ui-qmarkdown) before 2.0.5 is affected: it allows XSS via headers even when the no-html option is set. Affected versions are prior to 2.0.5. Remediation: upgrade to 2.0.5 or later (or apply vendor-provided patches). Exploitation details and in-the-wild status are not described i...
CVE-2025-43954
QMarkdown aka quasar-ui-qmarkdown before 2.0.5 allows XSS via headers even when when no-html is set...