Lucene search
K

7 matches found

NVD
NVD
added 16 hours ago8 views

CVE-2026-57963

An attacker who can send HTML chat messages via Matrix or XMPP can inject arbitrary styled content, phishing links, and CSS that manipulates the chat UI. This vulnerability was fixed in Thunderbird 152.0.1 and Thunderbird 140.12.1...

6.5CVSS
Exploits0References3
Cvelist
Cvelist
added 17 hours ago9 views

CVE-2026-57963 Chat UI manipulation by injection

An attacker who can send HTML chat messages via Matrix or XMPP can inject arbitrary styled content, phishing links, and CSS that manipulates the chat UI. This vulnerability was fixed in Thunderbird 152.0.1 and Thunderbird 140.12.1...

Exploits0References3
Veracode
Veracode
added 2024/06/06 6:42 a.m.9 views

Cross-Site Scripting

typo3/cms is vulnerable to Cross-Site Scripting. The vulnerability is due to improper sanitization of user input in the CSS styled content component, which allows an authenticated users to inject arbitrary HTML or JavaScript...

6.7AI score
Exploits0
Github Security Blog
Github Security Blog
added 2024/06/04 2:48 p.m.8 views

Cross-Site Scripting (XSS) in TYPO3 component CSS styled content

Failing to properly encode user input, the CSS styled content component is susceptible to Cross-Site Scripting, allowing authenticated editors to inject arbitrary HTML or JavaScript...

6.8AI score
Exploits0References3Affected Software1
OpenVAS
OpenVAS
added 2016/05/20 12:0 a.m.14 views

TYPO3 Multiple Vulnerabilities-02 (May 2016)

TYPO3 is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:typo3:typo3"; ifdescription...

7.3AI score
Exploits0References3
Friends Of PHP
Friends Of PHP
added 2016/02/23 12:28 p.m.10 views

Cross-Site Scripting in TYPO3 component CSS styled content

More info at https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-007/...

7.2AI score
Exploits0Affected Software1
Typo3
Typo3
added 2016/02/23 12:0 a.m.21 views

Cross-Site Scripting in TYPO3 component CSS styled content

It has been discovered, that TYPO3 is susceptible to Cross-Site Scripting. Component Type: TYPO3 CMS Release Date: February 23, 2016 Vulnerable subcomponent: CSS styled content Vulnerability Type: Cross-Site Scripting Affected Versions: Versions 6.2.0 to 6.2.18 and 7.6.0 to 7.6.3 Severity: Medium...

6.9AI score
Exploits0Affected Software1
Rows per page
Query Builder