EUVD-2025-14282

Malicious code in bioql PyPI...

CVE-2025-47828

Lumi H5P-Nodejs-library before 9.3.3 omits a sanitizeHtml call for plain text strings...

@lumieducation/h5p-server Fails to Sanitize Plain Text Strings

Lumi H5P-Nodejs-library before 9.3.3 omits a sanitizeHtml call for plain text strings...

CVE-2025-47828

Lumi H5P-Nodejs-library before 9.3.3 omits a sanitizeHtml call for plain text strings...

CVE-2025-47828

Lumi H5P-Nodejs-library before 9.3.3 omits a sanitizeHtml call for plain text strings...

CVE-2025-47828

CVE-2025-47828 affects Lumi H5P-Nodejs-library before 9.3.3. The root cause is omission of sanitizeHtml for plain text strings, enabling potential Cross-Site Scripting (XSS) risks. Impact is limited to confidentiality and integrity with no reported availability impact; attack vector is network, w...

CVE-2025-47828

Lumi H5P-Nodejs-library before 9.3.3 omits a sanitizeHtml call for plain text strings...

PT-2025-20649 · Unknown · Lumi H5P-Nodejs-Library

Name of the Vulnerable Software and Affected Versions: Lumi H5P-Nodejs-library versions prior to 9.3.3 Description: The issue is related to the omission of a sanitizeHtml call for plain text strings. This could potentially lead to security issues, although specific details about the estimated...

CVE-2022-32763

A cross-site scripting xss sanitization vulnerability bypass exists in the SanitizeHtml functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger this vulnerability...

CVE-2022-32763

A cross-site scripting xss sanitization vulnerability bypass exists in the SanitizeHtml functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger this vulnerability...

Cross site scripting

A cross-site scripting xss sanitization vulnerability bypass exists in the SanitizeHtml functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger this vulnerability...

Lansweeper lansweeper SanitizeHtml cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2022-1541 Lansweeper lansweeper SanitizeHtml cross-site scripting XSS vulnerability December 1, 2022 CVE Number CVE-2022-32763 SUMMARY A cross-site scripting xss sanitization vulnerability bypass exists in the SanitizeHtml functionality of Lansweeper lansweeper...

Denial Of Service (DoS)

lettersanitizer is vulnerable to denial of service. The vulnerability exists in the sanitizeHtml function in index.js as it does not properly handle css at-rules, allowing an attacker to crash the system via a malicious request...

CVE-2021-32608

An issue was discovered in Smartstore aka SmartStoreNET through 4.1.1. Views/Boards/Partials/ForumPost.cshtml does not call HtmlUtils.SanitizeHtml on certain text for a forum post...