
18 matches found

CVE
added 2026/04/24 4:57 p.m. | 10 views

CVE-2026-41067

Summary: CVE-2026-41067 affects Astro’s SSR pipeline, where defineScriptVars sanitizes inline script values using a case-sensitive //g regex. This fails to match closing script tags when payloads use case variants (e.g., ), whitespace before > (), or self-closing forms (), allowing injected HT...

CVSS: 6.1 | AI score: 5.5 | EPSS: 0.00053
Exploits: 1 | References: 1 | Affected Software: 1
Positive Technologies
added 2026/04/21 12:00 a.m. | 3 views

PT-2026-34233

Summary: The defineScriptVars function in Astro's server-side rendering pipeline uses a case-sensitive regex //g to sanitize values injected into inline tags via the define:vars directive. HTML parsers close elements case-insensitively and also accept whitespace or / before the closing , allowing ...

CVSS: 6.1 | AI score: 6 | EPSS: 0.00053
Exploits: 1 | References: 5
Vulnrichment
added 2026/04/02 8:34 a.m. | 2 views

CVE-2026-29141 Bounded Subject Tag Sanitization

SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to bypass subject sanitization and forge tags such as signed OK...

CVSS: 7.7 | AI score: 5.9 | EPSS: 0.00055
Exploits: 0 | References: 1
CVE
added 2026/04/02 8:34 a.m. | 4 views

CVE-2026-29141

The CVE affects SEPPmail Secure Email Gateway prior to version 15.0.3. The issue is an insufficient subject sanitization that allows an attacker to forge tags such as [signed OK]. Documented impact shows no confidentiality impact, but potential integrity impact (subsequent) is HIGH; attack vec...

CVSS: 7.7 | AI score: 5.9 | EPSS: 0.00055
Exploits: 0 | References: 1 | Affected Software: 1
Ubuntu
added 2026/03/16 3:28 p.m. | 5 views

USN-8097-1: Roundcube Webmail vulnerabilities

It was discovered that Roundcube Webmail did not properly sanitize the animate tag within SVG documents. An attacker could possibly use this issue to cause a cross-site scripting attack...

CVSS: 7.2 | AI score: 5.6 | EPSS: 0.06858
Exploits: 1
Vulnrichment
added 2026/03/12 5:20 p.m. | 1 view

CVE-2026-31873 Unhead has a Bypass of URI Scheme Sanitization in makeTagSafe via Case-Sensitivity

Unhead is a document head and template manager. Prior to 2.1.11, the link.href check in makeTagSafe safe.ts uses String.includes, which is case-sensitive. Browsers treat URI schemes case-insensitively. DATA:text/css,... is the same as data:text/css,... to the browser, but 'DATA:...'.includes'data...

AI score: 5.9 | EPSS: 0.0002
Exploits: 1 | References: 1
EUVD
added 2025/11/26 1:53 a.m. | 4 views

EUVD-2025-199654

OWASP Java HTML Sanitizer is a configurable HTML Sanitizer written in Java, allowing inclusion of HTML authored by third parties in web applications while protecting against XSS. In version 20240325.1, OWASP java html sanitizer is vulnerable to XSS if HtmlPolicyBuilder allows noscript and style...

CVSS: 8.6 | AI score: 5.6 | EPSS: 0.00013
Exploits: 1 | References: 2
EUVD
added 2025/10/03 8:07 p.m. | 2 views

EUVD-2021-8241

Malicious code in bioql PyPI...

CVSS: 6.1 | AI score: 5.1 | EPSS: 0.00332
Exploits: 0 | References: 2
EUVD
added 2025/10/03 8:07 p.m. | 2 views

EUVD-2022-0629

Malicious code in bioql PyPI...

CVSS: 8.8 | AI score: 8.5 | EPSS: 0.00744
Exploits: 0 | References: 11
NVD
added 2025/07/28 8:17 p.m. | 4 views

CVE-2025-54423

copyparty is a portable file server. In versions up to and including versions 1.18.4, an unauthenticated attacker is able to execute arbitrary JavaScript code in a victim's browser due to improper sanitization of multimedia tags in music files, including m3u files. This is fixed in version 1.18.5...

CVSS: 6.1 | EPSS: 0.00203
Exploits: 1 | References: 3
RedhatCVE
added 2025/05/22 6:17 p.m. | 3 views

CVE-2021-20829

Cross-site scripting vulnerability due to the inadequate tag sanitization in GROWI versions v4.2.19 and earlier allows remote attackers to execute an arbitrary script on the web browser of the user who accesses a specially crafted page...

CVSS: 6.1 | AI score: 7 | EPSS: 0.00332
Exploits: 0 | References: 1
Hacker One
added 2025/01/11 5:59 a.m. | 849 views

Internet Bug Bounty: ActionView sanitize helper bypass with noscript

The Rails-html-sanitizer 1.6.0 contained a vulnerability that allowed bypassing the sanitization process when the noscript tag was used. This could have led to potential cross-site scripting XSS attacks in applications that used the vulnerable version of the sanitizer, including those using the...

AI score: 6
Exploits: 0
CVE
added 2021/09/21 9:25 a.m. | 37 views

CVE-2021-20829

GROWI (WESEEK) has an XSS vulnerability (CVE-2021-20829) caused by inadequate tag sanitization in versions up to v4.2.19. An attacker can trigger a script in a user’s browser by loading a specially crafted page. The issue is documented across multiple sources (including Red Hat and NVD entries) a...

CVSS: 6.1 | AI score: 6.3 | EPSS: 0.00332
Exploits: 0 | References: 2 | Affected Software: 1
Prion
added 2021/06/28 4:15 p.m. | 30 views

Design/Logic Flaw

RabbitMQ is a multi-protocol messaging broker. In rabbitmq-server prior to version 3.8.18, when a federation link was displayed in the RabbitMQ management UI via the rabbitmqfederationmanagement plugin, its consumer tag was rendered without proper tag sanitization. This potentially allows for...

CVSS: 3.5 | AI score: 5.5 | EPSS: 0.0012
Exploits: 1 | References: 3 | Affected Software: 1
Veracode
added 2017/10/24 8:37 a.m. | 20 views

Cross-site Scripting (XSS)

phpmyfaq is vulnerable to cross-site scripting XSS attacks. The library does not sanitize the tags in the phpmyfaq/admin/tags.main.php file, allowing a malicious user to inject and execute arbitrary web script...

CVSS: 6.1 | AI score: 6 | EPSS: 0.00223
Exploits: 0 | References: 1 | Affected Software: 2
Exploit DB
added 2010/06/27 12:00 a.m. | 22 views

Ceica-GW - 'login.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/40917/info Ceica-GW is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of t...

AI score: 7.4
Exploits: 0
FreeBSD
added 2004/12/15 12:00 a.m. | 27 views

yamt -- arbitrary command execution vulnerability

Manigandan Radhakrishnan discovered a security vulnerability in YAMT which can lead to execution of arbitrary commands with the privileges of the user running YAMT when sorting based on MP3 tags. The problem exists in the id3tagsort routine which does not properly sanitize the artist tag from the...

CVSS: 10 | AI score: 3 | EPSS: 0.03512
Exploits: 1 | References: 1
exploitpack
added 2004/10/26 12:00 a.m. | 11 views

Google Desktop Search - Cross-Site Scripting

source: https://www.securityfocus.com/bid/11541/info Google Desktop Search is reportedly affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize HTML tag content. An attacker may leverage...

AI score: 6.8
Exploits: 0