4 matches found
CVE-2026-59710
Showdown (the Showdown library) contains a stored XSS flaw in parseHeaders (src/subParsers/makehtml/tables.js) where table header ID attributes are not properly escaped. Attackers can inject arbitrary HTML and script-executing SVG elements through double-quote characters in Markdown table headers...
EUVD-2007-0785
Malware in sbrugna...
Cross site scripting
Cross-site scripting XSS vulnerability in MediaWiki 1.9.x before 1.9.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "sortable tables JavaScript."...
CVE-2007-0788
Cross-site scripting XSS vulnerability in MediaWiki 1.9.x before 1.9.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "sortable tables JavaScript."...