6 matches found
EUVD-2024-53128
Malicious code in bioql PyPI...
EUVD-2024-53126
Malicious code in bioql PyPI...
EUVD-2024-53127
Malicious code in bioql PyPI...
CVE-2024-56358
grist-core is a spreadsheet hosting server. A user visiting a malicious document and previewing an attachment could have their account compromised, because JavaScript in an SVG file would be evaluated in the context of their current page. This issue has been patched in version 1.3.2. Users are...
CVE-2024-56359
grist-core is a spreadsheet hosting server. A user visiting a malicious document and clicking on a link in a HyperLink cell using a control modifier meaning for example Ctrl+click could have their account compromised, since the link could use the javascript: scheme and be evaluated in the context...
CVE-2024-56358 Cross-site Scripting vulnerability through svg attachment previews in grist-core
grist-core is a spreadsheet hosting server. A user visiting a malicious document and previewing an attachment could have their account compromised, because JavaScript in an SVG file would be evaluated in the context of their current page. This issue has been patched in version 1.3.2. Users are...