208 matches found
EUVD-2021-0187
Malware in sbrugna...
EUVD-2025-30680
Malicious code in bioql PyPI...
EUVD-2025-24696
Malicious code in bioql PyPI...
EUVD-2024-3226
Malicious code in bioql PyPI...
CVE-2025-59573
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in CozyThemes Cozy Blocks cozy-addons allows Code Injection.This issue affects Cozy Blocks: from n/a through = 2.1.29...
CVE-2025-59573
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in CozyThemes Cozy Blocks cozy-addons allows Code Injection.This issue affects Cozy Blocks: from n/a through = 2.1.29...
WordPress plugin Cozy Blocks 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
Linux Distros Unpatched Vulnerability : CVE-2025-30359
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - webpack-dev-server allows users to use webpack with a development server that provides live reloading. Prior to version 5.2.1, webpack-dev-server users' source...
A mutation XSS affects users calling bleach.clean with all of: svg or math in the allowed tags p or br in allowed tags style, title, noscript, script, textarea, noframes, iframe, or xmp in allowed tags the keyword argument strip_comments=False Note: none of the above tags are in the default allowed tags and strip_comments defaults to True.
...
CVE-2025-54698
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in RadiusTheme Classified Listing classified-listing allows Code Injection.This issue affects Classified Listing: from n/a through = 5.0.0...
WordPress Taeggie Feed Cross-Site Scripting Vulnerability
WordPress Taeggie Feed is a plugin on WordPress that is mainly used to integrate social media content into a website, supporting dynamic syndication on platforms like Facebook, Instagram, Twitter and LinkedIn. WordPress Taeggie Feed suffers from a cross-site scripting vulnerability that originate...
WordPress plugin Taeggie Feed 跨站脚本漏洞
WordPress Taeggie Feed is a plugin on WordPress that is mainly used to integrate social media content into a website, supporting dynamic syndication on platforms like Facebook, Instagram, Twitter and LinkedIn. WordPress Taeggie Feed suffers from a cross-site scripting vulnerability that originate...
GHSA-4V9V-HFQ4-RM2V webpack-dev-server users' source code may be stolen when they access a malicious web site
Summary Source code may be stolen when you access a malicious web site. Details Because the request for classic script by a script tag is not subject to same origin policy, an attacker can inject in their site and run the script. Note that the attacker has to know the port and the output entrypoi...
CVE-2023-23735
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Brainstorm Force Spectra allows Code Injection.This issue affects Spectra: from n/a through 2.3.0...
CVE-2022-38771
The mobile application in Transtek Mojodat FAM Fixed Asset Management 2.4.6 allows remote attackers to send SCRIPT tags as injected input to the API request...
CVE-2021-35959
In Plone 5.0 through 5.2.4, Editors are vulnerable to XSS in the folder contents view, if a Contributor has created a folder with a SCRIPT tag in the description field...
PT-2025-15953 · Tutor Lms · Tutor Lms
Name of the Vulnerable Software and Affected Versions: Tutor LMS versions n/d through 3.4.0 Description: The issue is related to an improper neutralization of script-related HTML tags in a web page, which can lead to a basic Cross-Site Scripting XSS attack. This allows an attacker to inject...
WordPress plugin Better Section Navigation Widget 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...
PT-2025-5498 · Unknown · Listamester
Name of the Vulnerable Software and Affected Versions: Listamester versions through 2.3.4 Description: The issue is related to improper neutralization of script-related HTML tags in a web page, which allows for Stored XSS attacks. This means an attacker can inject malicious scripts into the web...
Fortinet FortiPortal 安全漏洞
Fortinet FortiPortal is an advanced, feature-rich hosted security analysis and management support tool for Fortinet's FortiGate, FortiWiFi and FortiAP product lines, available as a virtual machine for MSPs. A cross-site scripting vulnerability exists in Fortinet FortiPortal that stems from an...