23 matches found
EUVD-2026-43068
Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Tealium iQ Tag Management allows Object Injection. This issue affects Tealium iQ Tag Management versions: from 0.0.0 to 2.4.0...
CVE-2026-13244
CVE-2026-13244 affects the Drupal integration module Tealium iQ Tag Management. The issue arises from how the module stores data in the PHP-serialized field tealiumiq, which can lead to an Object Injection vulnerability when serialized data is unserialized. Affected versions are Tealium iQ Tag Ma...
CVE-2026-13244 Tealium iQ Tag Management - Critical - PHP object injection - SA-CONTRIB-2026-064
Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Tealium iQ Tag Management allows Object Injection. This issue affects Tealium iQ Tag Management versions: from 0.0.0 to 2.4.0...
DRUPAL-CONTRIB-2026-064
The Tealium iQ Tag Management module provides Drupal integration with Tealium iQ. tealiumiq stores some data as PHP-serialized strings. In some situations, malicious data can be written directly to the field. This can lead to an Object Injection vulnerability when the data are unserialized. This...
Tealium iQ Tag Management - Critical - PHP object injection - SA-CONTRIB-2026-064
The Tealium iQ Tag Management module provides Drupal integration with Tealium iQ. tealiumiq stores some data as PHP-serialized strings. In some situations, malicious data can be written directly to the field. This can lead to an Object Injection vulnerability when the data are unserialized. This...
PT-2026-52177
Name of the Vulnerable Software and Affected Versions Tealium iQ Tag Management versions 0.0.0 through 2.4.0 Description Improperly controlled modification of dynamically-determined object attributes in the Tealium iQ Tag Management module allows for Object Injection. This occurs because the...
EUVD-2025-18931
Malicious code in bioql PyPI...
Malicious code in hw-tealium (npm)
The package hw-tealium was found to contain malicious code...
MAL-2025-22826 Malicious code in hw-tealium (npm)
The package hw-tealium was found to contain malicious code...
CVE-2025-50018
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tealium Tealium tealium allows Stored XSS.This issue affects Tealium: from n/a through = 2.1.20...
CVE-2025-50018
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tealium Tealium tealium allows Stored XSS.This issue affects Tealium: from n/a through = 2.1.20...
CVE-2025-50018 WordPress Tealium plugin <= 2.1.20 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tealium Tealium tealium allows Stored XSS.This issue affects Tealium: from n/a through = 2.1.20...
CVE-2025-50018 WordPress Tealium plugin <= 2.1.17 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tealium Tealium allows Stored XSS. This issue affects Tealium: from n/a through 2.1.17...
CVE-2025-50018
CVE-2025-50018 is a stored XSS in the WordPress Tealium plugin, caused by improper input neutralization during web page generation. The vulnerability affects Tealium versions up to 2.1.17 (per CVE records) and could enable attackers to inject scripts that execute in an affected user’s browser. Mi...
WordPress plugin Tealium 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
PT-2025-26375 · Tealium · Tealium
Name of the Vulnerable Software and Affected Versions: Tealium versions through 2.1.17 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Stored XSS. This means that an attacker can inject malicious script...
WordPress Tealium plugin <= 2.1.20 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by Nabil Irawan in WordPress Plugin Tealium versions = 2.1.20...
Malicious code in angular-tealium (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a0c32462ecdeacbbbfee96fd4f6e31ce41d373f68b0ebb3ec17667e26a9ee66d Any computer that has this package installed or running should be considered...
MAL-2025-4550 Malicious code in angular-tealium (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a0c32462ecdeacbbbfee96fd4f6e31ce41d373f68b0ebb3ec17667e26a9ee66d Any computer that has this package installed or running should be considered...
Malicious code in tealium-ui-kit (npm)
--- -= Per source details. Do not edit below this line.=-...