
25 matches found

GitHub Security Blog
added 2026/06/23 5:2 p.m., 9 views

Gogs has DOM-based XSS via Milestone Name on New Issue Page

Summary: The fix for GHSA-vgjm-2cpf-4g7c DOM-based XSS via milestone selection was only applied to templates/repo/issue/viewcontent.tmpl but not to templates/repo/issue/newform.tmpl. An attacker can store an HTML/JavaScript payload in a milestone name, and when any user opens the New Issue page an...

4.8 CVSS, 6 AI score, 0.00483 EPSS
Exploits 0, References 5, Affected Software 1

EUVD
added 2025/11/13 3:23 a.m., 3 views

EUVD-2025-180282

Malicious code in astrometry-request-semantic-ui-hermes npm...

6.6 AI score
Exploits 0

EUVD
added 2025/11/13 3:23 a.m., 2 views

EUVD-2025-180362

Malicious code in archaeogenetics-semantic-ui-weywot-gravity npm...

6.6 AI score
Exploits 0

EUVD
added 2025/11/13 3:23 a.m., 3 views

EUVD-2025-175965

Malicious code in thermochronology-metabolomics-semantic-ui-aquarius npm...

6.6 AI score
Exploits 0

EUVD
added 2025/11/12 4:29 a.m., 2 views

EUVD-2025-122507

Malicious code in reveal-md-lynx-semantic-ui-mensa npm...

6.6 AI score
Exploits 0

OSV
added 2025/11/12 4:29 a.m., 2 views

MAL-2025-140372 Malicious code in canopus-rollup-semantic-ui-heka (npm)

Source: amazon-inspector 5103f0a8650f4e9f282e4b3f6b488dc1bca436344cd8eaa9a147741e10b363f2. This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8 AI score
Exploits 0

EUVD
added 2025/11/12 4:29 a.m., 2 views

EUVD-2025-122047

Malicious code in sequelize-semantic-ui-farout-public npm...

6.6 AI score
Exploits 0

EUVD
added 2025/11/12 4:29 a.m., 2 views

EUVD-2025-122072

Malicious code in semantic-ui-leda-dependencies-rate-limiter npm...

6.6 AI score
Exploits 0

EUVD
added 2025/11/12 4:29 a.m., 1 view

EUVD-2025-122063

Malicious code in semantic-ui-weywot-helmet-pino-pretty npm...

6.6 AI score
Exploits 0

EUVD
added 2025/11/12 4:29 a.m., 4 views

EUVD-2025-123380

Malicious code in private-semantic-ui-lynx-query npm...

6.6 AI score
Exploits 0

EUVD
added 2025/11/12 4:29 a.m., 2 views

EUVD-2025-124223

Malicious code in nuxtjs-bunyan-semantic-ui-warp npm...

6.6 AI score
Exploits 0

EUVD
added 2025/11/12 4:29 a.m., 2 views

EUVD-2025-122127

Malicious code in sedna-start-semantic-ui-yildun npm...

6.6 AI score
Exploits 0

EUVD
added 2025/11/12 4:29 a.m., 2 views

EUVD-2025-124307

Malicious code in non-blocking-loop-semantic-ui-despina npm...

6.6 AI score
Exploits 0

OSSF Malicious Packages
added 2025/11/12 4:29 a.m., 4 views

Malicious code in scorpius-ganymede-nightmare-semantic-ui (npm)

Source: amazon-inspector ae12e449d265be6e4b1a35c89efc5d35302db289e4f40e82041ae3ce04801cc8. This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9 AI score
Exploits 0

EUVD
added 2025/11/12 4:29 a.m., 3 views

EUVD-2025-122079

Malicious code in semantic-ui-dione-graphql-kinetic npm...

6.6 AI score
Exploits 0

EUVD
added 2025/11/12 4:29 a.m., 2 views

EUVD-2025-122075

Malicious code in semantic-ui-gridsome-soap-europa npm...

6.6 AI score
Exploits 0

EUVD
added 2025/11/12 4:29 a.m., 2 views

EUVD-2025-112391

Malicious code in iota-event-lynx-semantic-ui npm...

6.6 AI score
Exploits 0

EUVD
added 2025/11/12 4:29 a.m., 3 views

EUVD-2025-122065

Malicious code in semantic-ui-tool-fornax-package npm...

6.6 AI score
Exploits 0

EUVD
added 2025/11/12 4:29 a.m., 3 views

EUVD-2025-116267

Malicious code in axios-non-blocking-concurrently-semantic-ui npm...

6.6 AI score
Exploits 0

OSV
added 2025/09/05 5:10 p.m., 2 views

MAL-2025-46160 Malicious code in subscription-test-semantic-ui-tailwindcss (npm)

The package subscription-test-semantic-ui-tailwindcss was found to contain malicious code...

7 AI score
Exploits 0