EUVD-2022-7626

Malicious code in bioql PyPI...

CVE-2022-25929 Cross-site Scripting (XSS)

The package smoothie from 1.31.0 and before 1.36.1 are vulnerable to Cross-site Scripting XSS due to improper user input sanitization in strokeStyle and tooltipLabel properties. Exploiting this vulnerability is possible when the user can control these properties...

CVE-2022-25929 Cross-site Scripting (XSS)

The package smoothie from 1.31.0 and before 1.36.1 are vulnerable to Cross-site Scripting XSS due to improper user input sanitization in strokeStyle and tooltipLabel properties. Exploiting this vulnerability is possible when the user can control these properties...

CVE-2022-25929

The package smoothie from 1.31.0 and before 1.36.1 are vulnerable to Cross-site Scripting XSS due to improper user input sanitization in strokeStyle and tooltipLabel properties. Exploiting this vulnerability is possible when the user can control these properties...

Cross site scripting

The package smoothie from 1.31.0 and before 1.36.1 are vulnerable to Cross-site Scripting XSS due to improper user input sanitization in strokeStyle and tooltipLabel properties. Exploiting this vulnerability is possible when the user can control these properties...