2 matches found
CVE-2026-42506
A flaw was found in golang.org/x/net/html. When parsing arbitrary HTML that is subsequently rendered, an unexpected HTML tree can be generated. A remote attacker could leverage this vulnerability to execute Cross-Site Scripting XSS attacks in applications that attempt to sanitize input HTML befor...
Phorum 5.0.14 - Multiple Subject and Attachment HTML Injection Vulnerabilities
Phorum 5.0.14 - Multiple Subject and Attachment HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/12800/info Phorum is reportedly affected by multiple HTML injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied inp...