253 matches found
SUSE CVE-2010-2301
Cross-site scripting XSS vulnerability in editing/markup.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to inject arbitrary web script or HTML via vectors related to the node.innerHTML property of a TEXTAREA element. NOTE: this might overlap CVE-2010-1762...
SUSE CVE-2019-11744
Some HTML elements, such as title and textarea, can contain literal angle brackets without treating them as markup. It is possible to pass a literal closing tag to .innerHTML on these elements, and subsequent content after that will be parsed as if it were outside the tag. This can lead to XSS if...
CVE-2012-10005
A vulnerability has been found in manikandan170890 php-form-builder-class and classified as problematic. Affected by this vulnerability is an unknown functionality of the file PFBC/Element/Textarea.php of the component Textarea Handler. The manipulation of the argument value leads to cross site...
CVE-2012-10005 manikandan170890 php-form-builder-class Textarea Textarea.php cross site scripting
A vulnerability has been found in manikandan170890 php-form-builder-class and classified as problematic. Affected by this vulnerability is an unknown functionality of the file PFBC/Element/Textarea.php of the component Textarea Handler. The manipulation of the argument value leads to cross site...
CVE-2012-10005
CVE-2012-10005 affects the manikandan170890 php-form-builder-class, specifically the PFBC/Element/Textarea.php component (Textarea Handler). The vulnerability arises from improper handling of the value argument, enabling cross-site scripting (XSS) and allowing a remote attacker to exploit it. The...
PT-2023-9942 · Unknown · Php-Form-Builder-Class
Name of the Vulnerable Software and Affected Versions: manikandan170890 php-form-builder-class affected versions not specified Description: A vulnerability has been found in the Textarea Handler component of the php-form-builder-class, specifically in the file PFBC/Element/Textarea.php. The...
php-form-builder-class 跨站脚本漏洞
php-form-builder-class is an application by manikandan170890, an individual developer. A cross-site scripting vulnerability exists in php-form-builder-class, which stems from a problem with an unknown function in the PFBC/Element/Textarea.php file in the component Textarea Handler, where...
Stored XSS in multiple menus
Description The demo website is affected of stored XSS at multiple menus. Proof of Concept 01 1. Access to the demo website http://demos4.softaculous.com/ 2. Login with admin user they provide, press on menu Uploader, in Uploader tab, try to upload whichever file then choose Media manager tab. 3...
Cross-Site Scripting (XSS)
metro4 is vulnerable to cross-site scripting. The vulnerability exists in multiple functions because the user inputs are not properly sanitized before rendering in the textarea component which allows an attacker to inject and execute arbitrary JavaScript...
Cross site scripting in Metro UI
Metro UI v4.4.0 to v4.5.1 was discovered to contain a reflected cross-site scripting XSS vulnerability via the Javascript function. User input is not properly sanitized before rendering in the textarea component...
PT-2022-25827 · Metro Ui · Metro Ui
Name of the Vulnerable Software and Affected Versions: Metro UI versions 4.4.0 through 4.5.1 Description: The issue is related to a reflected cross-site scripting XSS vulnerability. This occurs via a Javascript function where user input is not properly sanitized before rendering in the textarea...
GHSA-PRC3-VJFX-VHM9 Angular (deprecated package) Cross-site Scripting
All versions of package angular are vulnerable to Cross-site Scripting XSS due to insecure page caching in the Internet Explorer browser, which allows interpolation of elements. NPM package angular is deprecated. Those who want to receive security updates should use the actively maintained packag...
Cross site scripting
All versions of package angular are vulnerable to Cross-site Scripting XSS due to insecure page caching in the Internet Explorer browser, which allows interpolation of elements...
CVE-2022-25869
All versions of the package angular; all versions of the package angularjs.core; all versions of the package angularjs are vulnerable to Cross-site Scripting XSS due to insecure page caching in the Internet Explorer browser, which allows interpolation of elements...
UBUNTU-CVE-2022-25869
All versions of the package angular; all versions of the package angularjs.core; all versions of the package angularjs are vulnerable to Cross-site Scripting XSS due to insecure page caching in the Internet Explorer browser, which allows interpolation of elements...
CVE-2022-25869
All versions of the package angular; all versions of the package angularjs.core; all versions of the package angularjs are vulnerable to Cross-site Scripting XSS due to insecure page caching in the Internet Explorer browser, which allows interpolation of elements...
CVE-2022-25869
CVE-2022-25869 affects multiple Angular/AngularJS packages with an XSS through insecure IE page caching that allows textarea interpolation. Connected IBM advisory confirms impact on IBM Storage Copy Data Management: affected versions 2.2.0.0–2.2.26.0, with a fix available in 2.2.27.0 for Linux pl...
Angular 跨站脚本漏洞
Angular is a development platform. It is used to build mobile and desktop web applications using Typescript / JavaScript and other languages. A cross-site scripting vulnerability exists in Angular, which stems from an insecure page cache in Internet Explorer that allows the insertion of textarea...
Cross-site Scripting (XSS)
Overview AngularJS.Core is an AngularJS. package for other Angular modules within .NET. Affected versions of this package are vulnerable to Cross-site Scripting XSS due to insecure page caching in the Internet Explorer browser, which allows interpolation of elements. Details Cross-site scripting ...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS due to insecure page caching in the Internet Explorer browser, which allows interpolation of elements. Details Cross-site scripting or XSS is a code vulnerability that occurs when an attacker “injects” a malicio...