Lucene search
K

206 matches found

OSV
OSV
added 2026/05/06 8:18 p.m.4 views

GHSA-F5P7-2C9Q-8896 phpMyFAQ has Stored XSS in FAQ Question/Answer via Encode-Decode Bypass of removeAttributes() Sanitization

Summary The FAQ creation and update endpoints in phpMyFAQ apply FILTERSANITIZESPECIALCHARS which HTML-encodes input, then immediately call htmlentitydecode which reverses the encoding, followed by Filter::removeAttributes which only strips HTML attributes — not tags. This allows , , , and tags to...

5.4CVSS6.1AI score0.00153EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/28 12:0 a.m.13 views

PT-2026-38567

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A flaw exists where a trusted template author can include a tag with an empty type attribute or a type attribute containing ASCII whitespace. This causes the...

9.8CVSS5.9AI score0.00371EPSS
Exploits0
Cvelist
Cvelist
added 2026/04/24 4:57 p.m.28 views

CVE-2026-41067 Astro: XSS via incomplete `</script>` sanitization in `define:vars` allows case-insensitive and whitespace-based bypass

Astro is a web framework. Prior to 6.1.6, the defineScriptVars function in Astro's server-side rendering pipeline uses a case-sensitive regex //g to sanitize values injected into inline tags via the define:vars directive. HTML parsers close elements case-insensitively and also accept whitespace o...

6.1CVSS0.00189EPSS
Exploits1References1
CVE
CVE
added 2026/04/24 4:57 p.m.16 views

CVE-2026-41067

Summary: CVE-2026-41067 affects Astro’s SSR pipeline, where defineScriptVars sanitizes inline script values using a case-sensitive //g regex. This fails to match closing script tags when payloads use case variants (e.g., ), whitespace before &gt; (), or self-closing forms (), allowing injected HT...

6.1CVSS5.5AI score0.00189EPSS
Exploits1References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/04/23 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2026-6019

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - http.cookies.Morsel.jsoutput returns an inline snippet and only escapes for JavaScript string context. It does not neutralize the HTML parser-sensitive sequence...

6.1CVSS6AI score0.00229EPSS
Exploits1References4
OSV
OSV
added 2026/04/22 8:16 p.m.8 views

DEBIAN-CVE-2026-6019

http.cookies.Morsel.jsoutput returns an inline snippet and only escapes " for JavaScript string context. It does not neutralize the HTML parser-sensitive sequence inside the generated script element. Mitigation base64-encodes the cookie value to disallow escaping using cookie value...

6.1CVSS5.2AI score0.00229EPSS
Exploits1References1
Snyk
Snyk
added 2026/04/22 7:55 p.m.7 views

Cross-site Scripting (XSS)

Overview @marko/runtime-tags is an Optimized runtime for Marko templates. Affected versions of this package are vulnerable to Cross-site Scripting XSS in the handling of interpolated values within or tags due to improper case-insensitive detection of closing tags. An attacker can execute arbitrar...

6.4CVSS5.8AI score0.00195EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/22 7:55 p.m.8 views

Cross-site Scripting (XSS)

Overview marko is an UI Components + streaming, async, high performance, HTML templating for Node.js and the browser. Affected versions of this package are vulnerable to Cross-site Scripting XSS in the handling of interpolated values within or tags due to improper case-insensitive detection of...

6.4CVSS5.8AI score0.00195EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/22 7:28 p.m.80 views

CVE-2026-6019 BaseCookie.js_output() does not neutralize embedded characters

http.cookies.Morsel.jsoutput returns an inline snippet and only escapes " for JavaScript string context. It does not neutralize the HTML parser-sensitive sequence inside the generated script element. Mitigation base64-encodes the cookie value to disallow escaping using cookie value...

2.1CVSS0.00229EPSS
Exploits1References6
Debian CVE
Debian CVE
added 2026/04/22 7:28 p.m.4 views

CVE-2026-6019

http.cookies.Morsel.jsoutput returns an inline snippet and only escapes " for JavaScript string context. It does not neutralize the HTML parser-sensitive sequence inside the generated script element. Mitigation base64-encodes the cookie value to disallow escaping using cookie value...

6.1CVSS5.2AI score0.00229EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.13 views

PT-2026-34608

Name of the Vulnerable Software and Affected Versions Marko affected versions not specified Description When dynamic text is interpolated into or tags, the runtime fails to prevent tag breakout if the closing tag uses non-lowercase casing. This occurs because the system uses case-sensitive regula...

6.4CVSS5.6AI score0.00195EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.6 views

PT-2026-34549

Name of the Vulnerable Software and Affected Versions Python affected versions not specified Description The js output function in http.cookies.Morsel returns an inline snippet that only escapes double quotes for JavaScript string context. It fails to neutralize the HTML parser-sensitive sequence...

6.1CVSS5.1AI score0.00229EPSS
Exploits1References94
OSV
OSV
added 2026/04/21 8:39 p.m.9 views

GHSA-J687-52P2-XCFF Astro: XSS in define:vars via incomplete </script> tag sanitization

Summary The defineScriptVars function in Astro's server-side rendering pipeline uses a case-sensitive regex //g to sanitize values injected into inline tags via the define:vars directive. HTML parsers close elements case-insensitively and also accept whitespace or / before the closing , allowing ...

6.1CVSS6AI score0.00189EPSS
Exploits1References4
Snyk
Snyk
added 2026/04/21 8:39 p.m.5 views

Cross-site Scripting (XSS)

Overview astro is an Astro is a modern site builder with web best practices, performance, and DX front-of-mind. Affected versions of this package are vulnerable to Cross-site Scripting XSS in the defineScriptVars function due to incomplete sanitization of closing tags within injected variables. A...

6.1CVSS5.5AI score0.00189EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.11 views

PT-2026-34233

Summary The defineScriptVars function in Astro's server-side rendering pipeline uses a case-sensitive regex //g to sanitize values injected into inline tags via the define:vars directive. HTML parsers close elements case-insensitively and also accept whitespace or / before the closing , allowing ...

6.1CVSS6AI score0.00189EPSS
Exploits1References5
CVE
CVE
added 2026/04/08 6:1 p.m.19 views

CVE-2026-34718

CVE-2026-34718 affects Zammad, a web-based open source helpdesk system. The vulnerability stems from improper sanitization in the HTML sanitizer for ticket articles, which failed to neutralize certain data URI schemes, allowing malicious content to be stored in the database. The issue is mitigate...

6.1CVSS5.9AI score0.00149EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/04/08 9:31 a.m.3 views

EUVD-2026-20276

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in kutethemes DukaMarket dukamarket allows Code Injection.This issue affects DukaMarket: from n/a through = 1.3.0...

5.9AI score0.0026EPSS
Exploits0References2
NVD
NVD
added 2026/04/08 9:16 a.m.3 views

CVE-2026-39628

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in kutethemes DukaMarket dukamarket allows Code Injection.This issue affects DukaMarket: from n/a through = 1.3.0...

5.3CVSS0.0026EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/08 8:30 a.m.2 views

CVE-2026-39629

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in kutethemes Uminex uminex allows Code Injection.This issue affects Uminex: from n/a through = 1.0.9...

5.9AI score0.00236EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/08 8:30 a.m.23 views

CVE-2026-39628 WordPress DukaMarket theme <= 1.3.0 - Arbitrary Shortcode Execution vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in kutethemes DukaMarket dukamarket allows Code Injection.This issue affects DukaMarket: from n/a through = 1.3.0...

5.3CVSS0.0026EPSS
Exploits0References1
Rows per page
Query Builder