2 matches found
Cross-site Scripting (XSS)
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Cross-site Scripting XSS via template.js. An attacker can execute arbitrary JavaScript in the context of the exported HTML by injecting a crafted value into the mimeType field of an image...
DEBIAN-CVE-2025-27406
Icinga Reporting is the central component for reporting related functionality in the monitoring web frontend and framework Icinga Web 2. A vulnerability present in versions 0.10.0 through 1.0.2 allows to set up a template that allows to embed arbitrary Javascript. This enables the attacker to act...