CVE-2026-41043

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Apache ActiveMQ, Apache ActiveMQ Web. An authenticated attacker can show malicious content when browsing queues in the web console by overriding the content type to be HTML instead of XML and by injecting...

SUSE-SU-2026:0780-1 Security update for tracker-miners

This update for tracker-miners fixes the following issues: - CVE-2026-1764: heap buffer overflow leads to denial of service or information disclosure when parsing MP3 files bsc1257606. - CVE-2026-1765: denial of Service and potential information disclosure via crafted MP3 files bsc1257607. -...

EUVD-2025-38010

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Easy Appointments Easy Appointments easy-appointments allows Code Injection.This issue affects Easy Appointments: from n/a through = 3.12.14...

EUVD-2008-0275

Malware in sbrugna...

EUVD-2002-1332

Malware in sbrugna...

EUVD-2021-31046

Malicious code in bioql PyPI...

EUVD-2022-1959

Malicious code in bioql PyPI...

EUVD-2025-4461

Malicious code in bioql PyPI...

EUVD-2024-22237

Malicious code in bioql PyPI...

EUVD-2023-52352

Malicious code in bioql PyPI...

CVE-2025-54698

CVE-2025-54698 concerns the WordPress Classified Listing plugin (RadiusTheme Classified Listing) up to version 5.0.0, with a vulnerability described as improper neutralization of script-related HTML tags in web pages, enabling content injection that can lead to basic XSS/Code Injection. Connected...

Linux Distros Unpatched Vulnerability : CVE-2025-32873

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Django 4.2 before 4.2.21, 5.1 before 5.1.9, and 5.2 before 5.2.1. The django.utils.html.striptags function is vulnerable to a potenti...

CVE-2023-33359

Piwigo 13.6.0 is vulnerable to Cross Site Request Forgery CSRF in the "add tags" function...

CVE-2023-47663

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Menno Luitjes Foyer allows Code Injection.This issue affects Foyer: from n/a through 1.7.5...

PT-2025-22779 · Unknown · Xili-Tidy-Tags

Name of the Vulnerable Software and Affected Versions: xili-tidy-tags versions 1.12.06 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS, which allows Reflected XSS. This type of issue occurs when...

GHSA-FPX3-H2PC-88VF Laravel Starter Cross Site Scripting (XSS)

Laravel Starter 11.11.0 is vulnerable to Cross Site Scripting XSS in the tags feature. Any user with the ability of create or modify tags can inject malicious JavaScript code in the name field...

PT-2025-16137 · Mediawiki · Mediawiki

Name of the Vulnerable Software and Affected Versions: Mediawiki - HTML Tags versions 1.39 through 1.43 Description: The issue is related to improper input validation, allowing Cross-Site Scripting XSS in Mediawiki - HTML Tags. This is due to a lack of proper validation of user input, which can...

CVE-2025-22501

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Improve My City Improve My City improve-my-city allows Reflected XSS.This issue affects Improve My City: from n/a through = 1.6...

CVE-2024-44061

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory EU/UK VAT Manager for WooCommerce eu-vat-for-woocommerce.This issue affects EU/UK VAT Manager for WooCommerce: from n/a through = 2.12.14...

WordPress Elegant Addons for elementor plugin <= 1.0.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via HTML tags vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via HTML tags vulnerability discovered by João G. Barbosa 4rCanJ0x! in WordPress Plugin Elegant Addons for elementor versions = 1.0.8...