CVE-2026-24476 Shaarli vulnerable to stored XSS via Suggested Tags

Shaarli is a personal bookmarking service. Prior to version 0.16.0, crafting a malicious tag which starting with " prematurely ends the tag on the start page and allows an attacker to add arbitrary html leading to a possible XSS attack. Version 0.16.0 fixes the issue...

CVE-2026-24476 Shaarli vulnerable to stored XSS via Suggested Tags

Shaarli is a personal bookmarking service. Prior to version 0.16.0, crafting a malicious tag which starting with " prematurely ends the tag on the start page and allows an attacker to add arbitrary html leading to a possible XSS attack. Version 0.16.0 fixes the issue...

CVE-2026-24476

Shaarli is a personal bookmarking service. Prior to version 0.16.0, crafting a malicious tag which starting with " prematurely ends the tag on the start page and allows an attacker to add arbitrary html leading to a possible XSS attack. Version 0.16.0 fixes the issue...

CVE-2026-24476

Shaarli (personal bookmarking service) is affected by CVE-2026-24476 prior to version 0.16.0. A malicious tag beginning with a double quote (") prematurely ends the start-page input tag and injects arbitrary HTML, enabling a possible XSS. The issue is fixed in version 0.16.0. Public references in...

CVE-2026-24476

Shaarli is a personal bookmarking service. Prior to version 0.16.0, crafting a malicious tag which starting with " prematurely ends the tag on the start page and allows an attacker to add arbitrary html leading to a possible XSS attack. Version 0.16.0 fixes the issue...

CVE-2025-55310

An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. An attacker able to alter or replace the static HTML files used by the StartPage feature can cause the application to load malicious or compromised content upon startup. This may result in...

EUVD-2025-202709

An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. An attacker able to alter or replace the static HTML files used by the StartPage feature can cause the application to load malicious or compromised content upon startup. This may result in...

EUVD-2023-0605

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2023-23923

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The vulnerability was found Moodle which exists due to insufficient limitations on the start page preference. A remote attacker can set that preference for...

CVE-2020-6365

SAP NetWeaver AS Java, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, Start Page allows an unauthenticated remote attacker to redirect users to a malicious site due to insufficient reverse tabnabbing URL validation. The attacker could execute phishing attacks to steal credentials of the...

BIT-MOODLE-2023-23923 Moodle: possible to set the preferred "start page" of other users

The vulnerability was found Moodle which exists due to insufficient limitations on the "start page" preference. A remote attacker can set that preference for another user. The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality...

CVE-2023-23923

The vulnerability was found Moodle which exists due to insufficient limitations on the "start page" preference. A remote attacker can set that preference for another user. The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality...

CVE-2023-23923

The vulnerability was found Moodle which exists due to insufficient limitations on the "start page" preference. A remote attacker can set that preference for another user. The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality...

CVE-2023-23923

The vulnerability was found Moodle which exists due to insufficient limitations on the "start page" preference. A remote attacker can set that preference for another user. The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality...

CVE-2023-23923

The vulnerability was found Moodle which exists due to insufficient limitations on the "start page" preference. A remote attacker can set that preference for another user. The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality...

UBUNTU-CVE-2023-23923

The vulnerability was found Moodle which exists due to insufficient limitations on the "start page" preference. A remote attacker can set that preference for another user. The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality...

Moodle 安全漏洞

Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment. A security vulnerability exists in Moodle that stems from an insufficient restriction of start page preferences, which can be exploite...

CVE-2023-23923 Moodle: possible to set the preferred "start page" of other users

The vulnerability was found Moodle which exists due to insufficient limitations on the "start page" preference. A remote attacker can set that preference for another user. The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality...

Malicious code in launcher-start-page (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c26fefa43c2e6dbcc8f19f621f71b06602f1dee3deb4bfa27a4eaad60561d4dd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-4262 Malicious code in launcher-start-page (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c26fefa43c2e6dbcc8f19f621f71b06602f1dee3deb4bfa27a4eaad60561d4dd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...