17 matches found
EUVD-2025-18931
Malicious code in bioql PyPI...
Malicious code in hw-tealium (npm)
The package hw-tealium was found to contain malicious code...
MAL-2025-22826 Malicious code in hw-tealium (npm)
The package hw-tealium was found to contain malicious code...
CVE-2025-50018
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tealium Tealium tealium allows Stored XSS.This issue affects Tealium: from n/a through = 2.1.20...
CVE-2025-50018
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tealium Tealium tealium allows Stored XSS.This issue affects Tealium: from n/a through = 2.1.20...
CVE-2025-50018 WordPress Tealium plugin <= 2.1.20 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tealium Tealium tealium allows Stored XSS.This issue affects Tealium: from n/a through = 2.1.20...
CVE-2025-50018 WordPress Tealium plugin <= 2.1.17 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tealium Tealium allows Stored XSS. This issue affects Tealium: from n/a through 2.1.17...
CVE-2025-50018
CVE-2025-50018 is a stored XSS in the WordPress Tealium plugin, caused by improper input neutralization during web page generation. The vulnerability affects Tealium versions up to 2.1.17 (per CVE records) and could enable attackers to inject scripts that execute in an affected user’s browser. Mi...
WordPress plugin Tealium 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
PT-2025-26375 · Tealium · Tealium
Name of the Vulnerable Software and Affected Versions: Tealium versions through 2.1.17 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Stored XSS. This means that an attacker can inject malicious script...
WordPress Tealium plugin <= 2.1.20 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by Nabil Irawan in WordPress Plugin Tealium versions = 2.1.20...
Malicious code in angular-tealium (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a0c32462ecdeacbbbfee96fd4f6e31ce41d373f68b0ebb3ec17667e26a9ee66d Any computer that has this package installed or running should be considered...
MAL-2025-4550 Malicious code in angular-tealium (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a0c32462ecdeacbbbfee96fd4f6e31ce41d373f68b0ebb3ec17667e26a9ee66d Any computer that has this package installed or running should be considered...
Malicious code in tealium-ui-kit (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-3083 Malicious code in tealium-ui-kit (npm)
--- -= Per source details. Do not edit below this line.=-...
Uber: Possibility to inject a malicious JavaScript code in any file on tags.tiqcdn.com results in a stored XSS on any page in most Uber domains
When creating new tags on Tealium, the application did not check that the user creating the tag had authorized as the same account they were creating a tag for. It was possible for an attacker to inject arbitrary content into a web page using the utag.js tag. Depending on how the victim implement...
Uber: Stored XSS on any page in most Uber domains
Due to two IDOR vulnerabilities in Tealium, it was possible to compromise an administrator’s account and inject arbitrary Javascript into https://tags.tiqcdn.com/utag/uber/, which an attacker could leverage for a stored XSS attack on several Uber domains. Additionally, a Tealium user’s password a...