13 matches found
EUVD-2022-7626
Malicious code in bioql PyPI...
CVE-2022-25929 Cross-site Scripting (XSS)
The package smoothie from 1.31.0 and before 1.36.1 are vulnerable to Cross-site Scripting XSS due to improper user input sanitization in strokeStyle and tooltipLabel properties. Exploiting this vulnerability is possible when the user can control these properties...
CVE-2022-25929
CVE-2022-25929 affects the smoothie package (versions 1.31.0 through before 1.36.1). The vulnerability is Cross-site Scripting (XSS) caused by improper sanitization of user-controlled values in strokeStyle and tooltipLabel properties. Multiple connected sources corroborate this XSS issue and spec...
CVE-2022-25929 Cross-site Scripting (XSS)
The package smoothie from 1.31.0 and before 1.36.1 are vulnerable to Cross-site Scripting XSS due to improper user input sanitization in strokeStyle and tooltipLabel properties. Exploiting this vulnerability is possible when the user can control these properties...
Smoothie vulnerable to Cross-site Scripting when tooltipLabel or strokeStyle are controlled by users
The package smoothie from 1.31.0 and before 1.36.1 are vulnerable to Cross-site Scripting XSS due to improper user input sanitization in strokeStyle and tooltipLabel properties. Exploiting this vulnerability is possible when the user can control these properties...
GHSA-G662-QQ45-PPWM Smoothie vulnerable to Cross-site Scripting when tooltipLabel or strokeStyle are controlled by users
The package smoothie from 1.31.0 and before 1.36.1 are vulnerable to Cross-site Scripting XSS due to improper user input sanitization in strokeStyle and tooltipLabel properties. Exploiting this vulnerability is possible when the user can control these properties...
CVE-2022-25929
The package smoothie from 1.31.0 and before 1.36.1 are vulnerable to Cross-site Scripting XSS due to improper user input sanitization in strokeStyle and tooltipLabel properties. Exploiting this vulnerability is possible when the user can control these properties...
CVE-2022-25929
The package smoothie from 1.31.0 and before 1.36.1 are vulnerable to Cross-site Scripting XSS due to improper user input sanitization in strokeStyle and tooltipLabel properties. Exploiting this vulnerability is possible when the user can control these properties...
Cross site scripting
The package smoothie from 1.31.0 and before 1.36.1 are vulnerable to Cross-site Scripting XSS due to improper user input sanitization in strokeStyle and tooltipLabel properties. Exploiting this vulnerability is possible when the user can control these properties...
smoothie 跨站脚本漏洞
smoothie is a smoooooth JavaScript chart for real-time streaming data by Joe Walnes, a personal developer. A security vulnerability exists in smoothie version 1.31.0 through versions prior to 1.36.1, which stems from a cross-site scripting XSS vulnerability due to improperly cleaned up user input...
Cross-site Scripting (XSS)
Overview smoothie is a Smoothie Charts: smooooooth JavaScript charts for realtime streaming data Affected versions of this package are vulnerable to Cross-site Scripting XSS due to improper user input sanitization in strokeStyle and tooltipLabel properties. Exploiting this vulnerability is possib...
Smoothie Recipes - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Smoothie Recipes published at the 'play' market has multiple vulnerabilities...
Smoothie recipes - Base64 encoded String, Exported ContentProvider, MIT license vulnerabilities
HackApp vulnerability scanner discovered that application Smoothie recipes published at the 'play' market has multiple vulnerabilities...