3 matches found
EUVD-2019-7496
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2019-17022
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When pasting a tag from the clipboard into a rich text editor, the CSS sanitizer does not escape characters. Because the resulting string is pasted directly int...
Shopify: Stored XSS in SVG file as data: url
A stored XSS vulnerability was discovered in Shopify's rich text editor on July 24, 2021. Attackers were able to insert an XSS payload encoded in an SVG file using data: URLs. The vulnerability was fixed by preventing the conversion of data: URLs into blob: URLs...