CVE-2025-68457 Orejime has executable code in HTML attributes

Orejime is a consent manager that focuses on accessibility. On HTML elements handled by Orejime prior to version 2.3.2, one could run malicious code by embedding javascript: code within data attributes. When consenting to the related purpose, Orejime would turn data attributes into unprefixed one...

PT-2025-42569

Name of the Vulnerable Software and Affected Versions mediawiki affected versions not specified Description The software contains a flaw related to sanitizing attributes unwrapped from data-ve-attributes. This could potentially allow for issues related to attribute handling. Recommendations At th...