420 matches found
CVE-2026-23850
SiYuan is a personal knowledge management system. In versions prior to 3.5.4, the markdown feature allows unrestricted server side html-rendering which allows arbitrary file read LFD. Version 3.5.4 fixes the issue...
SiYuan path traversal vulnerability
SiYuan is a privacy-oriented personal knowledge management system developed by SiYuan. Versions of SiYuan prior to 3.5.4 contained a path traversal vulnerability. This vulnerability stemmed from the markdown feature, which allowed unlimited server-side HTML rendering, potentially leading to...
PT-2026-3496
Name of the Vulnerable Software and Affected Versions SiYuan versions prior to 3.5.4 Description The markdown feature in SiYuan allows unrestricted server-side HTML rendering, which can lead to arbitrary file read LFD and Server-Side Request Forgery SSRF. This issue occurs because the markdown...
CVE-2025-13725 Gutenberg Thim Blocks <= 1.0.1 - Authenticated (Contributor+) Arbitrary File Read via 'iconSVG' Parameter
The Gutenberg Thim Blocks – Page Builder, Gutenberg Blocks for the Block Editor plugin for WordPress is vulnerable to arbitrary file reads in all versions up to, and including, 1.0.1. This is due to insufficient path validation in the server-side rendering of the thim-blocks/icon block. This make...
PT-2026-3342
The Gutenberg Thim Blocks – Page Builder, Gutenberg Blocks for the Block Editor plugin for WordPress is vulnerable to arbitrary file reads in all versions up to, and including, 1.0.1. This is due to insufficient path validation in the server-side rendering of the thim-blocks/icon block. This make...
Cross-site Scripting (XSS)
Overview org.webjars.npm:svelte is a package for building web applications. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the bind:value of server-side rendered elements when user-supplied content is not properly escaped. An attacker can execute arbitrary script...
Cross-site Scripting (XSS)
Overview svelte is a package for building web applications. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the bind:value of server-side rendered elements when user-supplied content is not properly escaped. An attacker can execute arbitrary scripts in the context...
GHSA-GW32-9RMW-QWWW svelte is vulnerable to XSS with textarea bind:value
Summary A server-side rendered with two-way bound value does not have its value correctly escaped in the rendered HTML. Details In SSR, does not have its value escaped when it is rendered into the HTML as .... PoC Put this in a server-side-rendered Svelte component: let value = test'"alert'BIM';;...
svelte is vulnerable to XSS with textarea bind:value
Summary A server-side rendered with two-way bound value does not have its value correctly escaped in the rendered HTML. Details In SSR, does not have its value escaped when it is rendered into the HTML as .... PoC Put this in a server-side-rendered Svelte component: let value = test'"alert'BIM';;...
CVE-2025-15265
An SSR XSS exists in async hydration when attacker‑controlled keys are passed to hydratable. The key is embedded inside a block without HTML‑safe escaping, allowing to terminate the script and inject arbitrary JavaScript. This enables remote script execution in users' browsers, with potential for...
svelte vulnerable to Cross-site Scripting
Summary An XSS vulnerability exists in Svelte 5.46.0-2 resulting from improper escaping of hydratable keys. If these keys incorporate untrusted user input, arbitrary JavaScript can be injected into server-rendered HTML. Details When using the hydratable function, the first argument is used as a k...
CVE-2025-15265 Svelte 5.46.0 - Hydratable Key Script-Breakout XSS (SSR)
An SSR XSS exists in async hydration when attacker‑controlled keys are passed to hydratable. The key is embedded inside a block without HTML‑safe escaping, allowing to terminate the script and inject arbitrary JavaScript. This enables remote script execution in users' browsers, with potential for...
EUVD-2026-2733
An SSR XSS exists in async hydration when attacker‑controlled keys are passed to hydratable. The key is embedded inside a block without HTML‑safe escaping, allowing to terminate the script and inject arbitrary JavaScript. This enables remote script execution in users' browsers, with potential for...
PT-2026-3102
An SSR XSS exists in async hydration when attacker‑controlled keys are passed to hydratable. The key is embedded inside a block without HTML‑safe escaping, allowing to terminate the script and inject arbitrary JavaScript. This enables remote script execution in users' browsers, with potential for...
Cross-site Scripting (XSS)
React Router is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to improper handling of untrusted input in the meta / APIs during server-side rendering, which allows an attacker to inject malicious script content into generated script:ld+json tags and execute arbitrary JavaScript...
SUSE CVE-2026-21884
React Router is a router for React. In @remix-run/react version prior to 2.17.3. and react-router 7.0.0 through 7.11.0, a XSS vulnerability exists in in React Router's API in Framework Mode when using the getKey/storageKey props during Server-Side Rendering which could allow arbitrary JavaScript...
Cross-site Scripting (XSS)
React Router is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to improper handling of untrusted input in the API during server-side rendering when generating keys via the getKey or storageKey props, which allows an attacker to inject and execute arbitrary JavaScript...
Linux Distros Unpatched Vulnerability : CVE-2026-21884
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - React Router is a router for React. In @remix-run/react version prior to 2.17.3. and react-router 7.0.0 through 7.11.0, a XSS vulnerability exists in in React...
Linux Distros Unpatched Vulnerability : CVE-2025-59057
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - React Router is a router for React. In @remix-run/react versions 1.15.0 through 2.17.0. and react-router versions 7.0.0 through 7.8.2, a XSS vulnerability exist...
CVE-2025-59057
React Router is a router for React. In @remix-run/react versions 1.15.0 through 2.17.0. and react-router versions 7.0.0 through 7.8.2, a XSS vulnerability exists in in React Router's meta/ APIs in Framework Mode when generating script:ld+json tags which could allow arbitrary JavaScript execution...