34 matches found

AstraLinux
added 2026/05/20 5:53 a.m., 14 views

Astra Linux - vulnerability in prototypejs

An issue was discovered in the stripTags and unescapeHTML components of Prototype 1.7.3. An attacker can cause a Regular Expression Denial of Service (ReDOS) by stripping crafted HTML tags...

7.5 CVSS, 6.8 AI score, 0.02455 EPSS
Exploits 1, References 2
AstraLinux
added 2026/05/03 11:59 p.m., 3 views

Astra Linux – Vulnerability in Python-Django

An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. The striptags method and the striptags template filter are vulnerable to a potential denial-of-service attack due to certain inputs containing large sequences of nested incomplete HTML entities...

7.5 CVSS, 6.7 AI score, 0.0137 EPSS
Exploits 0, References 2
Tenable Nessus
added 2026/03/13 12:0 a.m., 3 views

Unity Linux 20.1070e Security Update: python-django (UTSA-2026-006130)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006130 advisory. An issue was discovered in Django 4.2 before 4.2.21, 5.1 before 5.1.9, and 5.2 before 5.2.1. The django.utils.html.striptags function is vulnerable to a potential...

5.3 CVSS, 5.8 AI score, 0.13969 EPSS
Exploits 0, References 4
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2021-1388

Malware in sbrugna...

5.3 CVSS, 5.3 AI score, 0.01079 EPSS
Exploits 0, References 6
RedhatCVE
added 2025/05/22 7:45 p.m., 8 views

CVE-2021-32696

The npm package "striptags" is an implementation of PHP's striptags in Typescript. In striptags before version 3.2.0, a type-confusion vulnerability can cause striptags to concatenate unsanitized strings when an array-like object is passed in as the html parameter. This can be abused by an attack...

5.3 CVSS, 6.6 AI score, 0.01079 EPSS
Exploits 0, References 1
OSV
added 2025/05/16 1:24 p.m., 3 views

OESA-2025-1524 python-django security update

Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in Django 4.2 before 4.2.21, 5.1 before 5.1.9, and 5.2 before 5.2.1. The django.utils.html.striptags function is vulnerable to a potential...

5.3 CVSS, 7 AI score, 0.13969 EPSS
Exploits 0, References 2
OSV
added 2025/05/08 6:30 a.m., 2 views

GHSA-8J24-CJRQ-GR2M Django has a denial-of-service possibility in strip_tags()

An issue was discovered in Django 4.2 before 4.2.21, 5.1 before 5.1.9, and 5.2 before 5.2.1. The django.utils.html.striptags function is vulnerable to a potential denial-of-service (slow performance) when processing inputs containing large sequences of incomplete HTML tags. The template filter...

5.3 CVSS, 6.8 AI score, 0.13969 EPSS
Exploits 0, References 8
OSV
added 2025/05/08 4:17 a.m., 3 views

PYSEC-2025-37

An issue was discovered in Django 4.2 before 4.2.21, 5.1 before 5.1.9, and 5.2 before 5.2.1. The django.utils.html.striptags function is vulnerable to a potential denial-of-service (slow performance) when processing inputs containing large sequences of incomplete HTML tags. The template filter...

5.3 CVSS, 6.8 AI score, 0.13969 EPSS
Exploits 0, References 5
OSV
added 2025/05/08 4:17 a.m., 2 views

DEBIAN-CVE-2025-32873

An issue was discovered in Django 4.2 before 4.2.21, 5.1 before 5.1.9, and 5.2 before 5.2.1. The django.utils.html.striptags function is vulnerable to a potential denial-of-service (slow performance) when processing inputs containing large sequences of incomplete HTML tags. The template filter...

5.3 CVSS, 6.6 AI score, 0.13969 EPSS
Exploits 0, References 1
Snyk
added 2025/05/08 3:42 a.m., 4 views

Allocation of Resources Without Limits or Throttling

Overview Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the striptags function. An attacker can cause slow performance by...

6.9 CVSS, 6.8 AI score, 0.13969 EPSS
Exploits 0, References 2
OSV
added 2025/05/07 2:0 p.m., 0 views

UBUNTU-CVE-2025-32873

An issue was discovered in Django 4.2 before 4.2.21, 5.1 before 5.1.9, and 5.2 before 5.2.1. The django.utils.html.striptags function is vulnerable to a potential denial-of-service (slow performance) when processing inputs containing large sequences of incomplete HTML tags. The template filter...

5.3 CVSS, 7.1 AI score, 0.13969 EPSS
Exploits 0, References 4
BDU FSTEC
added 2025/04/09 12:0 a.m., 4 views

The vulnerability of the stripTags component and unescapeHTML in the DOM and AJAX Prototype framework allows a hacker to cause a service failure.

The vulnerability of the stripTags and unescapeHTML components in the DOM and AJAX Prototype framework is related to insufficient processing of regular expressions. Exploiting this vulnerability can allow an attacker to cause service failures...

7.5 CVSS, 6.8 AI score, 0.02455 EPSS
Exploits 1, References 9, Affected Software 3
OSV
added 2024/12/06 12:30 p.m., 3 views

GHSA-8498-2H75-472J Django denial-of-service in django.utils.html.strip_tags()

An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. The striptags method and striptags template filter are subject to a potential denial-of-service attack via certain inputs containing large sequences of nested incomplete HTML entities...

8.7 CVSS, 6.9 AI score, 0.0137 EPSS
Exploits 0, References 8
PyPA
added 2024/12/06 12:15 p.m., 6 views

PYSEC-2024-156

An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. The striptags method and striptags template filter are subject to a potential denial-of-service attack via certain inputs containing large sequences of nested incomplete HTML entities...

7.5 CVSS, 6.8 AI score, 0.0137 EPSS
Exploits 0, References 5, Affected Software 1
OSV
added 2024/12/06 12:15 p.m., 1 views

DEBIAN-CVE-2024-53907

An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. The striptags method and striptags template filter are subject to a potential denial-of-service attack via certain inputs containing large sequences of nested incomplete HTML entities...

7.5 CVSS, 6.7 AI score, 0.0137 EPSS
Exploits 0, References 1
OSV
added 2024/12/06 12:15 p.m., 3 views

PYSEC-2024-156

An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. The striptags method and striptags template filter are subject to a potential denial-of-service attack via certain inputs containing large sequences of nested incomplete HTML entities...

7.5 CVSS, 6.9 AI score, 0.0137 EPSS
Exploits 0, References 5
SUSE CVE
added 2024/12/06 3:49 a.m., 1 views

SUSE CVE-2024-53907

An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. The striptags method and striptags template filter are subject to a potential denial-of-service attack via certain inputs containing large sequences of nested incomplete HTML entities...

6.5 CVSS, 6.9 AI score, 0.0137 EPSS
Exploits 0, References 7
Packet Storm
added 2024/10/08 12:0 a.m., 321 views

PHP-Nuke Top Module SQL Injection

Exploit Title: PHP-Nuke SQL injection Top Module + protection Bypass Google Dork: intext: Powered by PHP-Nuke Date: 2024-10-07 Exploit Author: Emiliano Febbi Vendor Homepage: https://phpnuke.org/ Software Link: https://sourceforge.net/projects/phpnuke/files/phpnuke/ Version: 6.x New concept of...

7.4 AI score
Exploits 0
Veracode
added 2022/09/27 8:58 p.m., 18 views

Cross-site Scripting (XSS)

jodit is vulnerable to cross-site scripting. The library does not properly escape specially constructed input through stripTags when a user copy-pastes content from a page controlled by the attacker, which allows malicious javascript execution on victim's browser...

6.1 CVSS, 6 AI score, 0.00513 EPSS
Exploits 1, References 3, Affected Software 1
BDU FSTEC
added 2021/06/29 12:0 a.m., 3 views

The vulnerability of the npm striptags package, related to data type processing errors, allows attackers to perform cross-site scripting (XSS) attacks.

The vulnerability of the npm striptags package is related to errors in data type handling. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks...

4.8 CVSS, 5.7 AI score, 0.01079 EPSS
Exploits 0, References 7, Affected Software 1