Lucene search
+L

253 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:58 a.m.2 views

SUSE CVE-2010-2301

Cross-site scripting XSS vulnerability in editing/markup.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to inject arbitrary web script or HTML via vectors related to the node.innerHTML property of a TEXTAREA element. NOTE: this might overlap CVE-2010-1762...

4.3CVSS5.8AI score0.01289EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:12 a.m.3 views

SUSE CVE-2019-11744

Some HTML elements, such as title and textarea, can contain literal angle brackets without treating them as markup. It is possible to pass a literal closing tag to .innerHTML on these elements, and subsequent content after that will be parsed as if it were outside the tag. This can lead to XSS if...

7.5CVSS7.9AI score0.0145EPSS
Exploits0References17
NVD
NVD
added 2023/01/12 4:15 p.m.19 views

CVE-2012-10005

A vulnerability has been found in manikandan170890 php-form-builder-class and classified as problematic. Affected by this vulnerability is an unknown functionality of the file PFBC/Element/Textarea.php of the component Textarea Handler. The manipulation of the argument value leads to cross site...

6.1CVSS4.5AI score0.00623EPSS
Exploits1References4
Cvelist
Cvelist
added 2023/01/12 3:2 p.m.22 views

CVE-2012-10005 manikandan170890 php-form-builder-class Textarea Textarea.php cross site scripting

A vulnerability has been found in manikandan170890 php-form-builder-class and classified as problematic. Affected by this vulnerability is an unknown functionality of the file PFBC/Element/Textarea.php of the component Textarea Handler. The manipulation of the argument value leads to cross site...

4CVSS6AI score0.00623EPSS
Exploits1References4
CVE
CVE
added 2023/01/12 3:2 p.m.53 views

CVE-2012-10005

CVE-2012-10005 affects the manikandan170890 php-form-builder-class, specifically the PFBC/Element/Textarea.php component (Textarea Handler). The vulnerability arises from improper handling of the value argument, enabling cross-site scripting (XSS) and allowing a remote attacker to exploit it. The...

6.1CVSS4.8AI score0.00623EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2023/01/12 12:0 a.m.6 views

PT-2023-9942 · Unknown · Php-Form-Builder-Class

Name of the Vulnerable Software and Affected Versions: manikandan170890 php-form-builder-class affected versions not specified Description: A vulnerability has been found in the Textarea Handler component of the php-form-builder-class, specifically in the file PFBC/Element/Textarea.php. The...

6.1CVSS4.3AI score0.00623EPSS
Exploits1References7
CNNVD
CNNVD
added 2023/01/12 12:0 a.m.5 views

php-form-builder-class 跨站脚本漏洞

php-form-builder-class is an application by manikandan170890, an individual developer. A cross-site scripting vulnerability exists in php-form-builder-class, which stems from a problem with an unknown function in the PFBC/Element/Textarea.php file in the component Textarea Handler, where...

6.1CVSS4.1AI score0.00623EPSS
Exploits1References6
Huntr
Huntr
added 2022/12/21 8:30 a.m.23 views

Stored XSS in multiple menus

Description The demo website is affected of stored XSS at multiple menus. Proof of Concept 01 1. Access to the demo website http://demos4.softaculous.com/ 2. Login with admin user they provide, press on menu Uploader, in Uploader tab, try to upload whichever file then choose Media manager tab. 3...

4.9CVSS5.5AI score0.00518EPSS
Exploits1
Veracode
Veracode
added 2022/10/13 7:19 a.m.15 views

Cross-Site Scripting (XSS)

metro4 is vulnerable to cross-site scripting. The vulnerability exists in multiple functions because the user inputs are not properly sanitized before rendering in the textarea component which allows an attacker to inject and execute arbitrary JavaScript...

6.1CVSS6.3AI score0.00473EPSS
Exploits1References5Affected Software1
Github Security Blog
Github Security Blog
added 2022/10/11 7:0 p.m.30 views

Cross site scripting in Metro UI

Metro UI v4.4.0 to v4.5.1 was discovered to contain a reflected cross-site scripting XSS vulnerability via the Javascript function. User input is not properly sanitized before rendering in the textarea component...

6.1CVSS5.6AI score0.00473EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2022/10/11 12:0 a.m.4 views

PT-2022-25827 · Metro Ui · Metro Ui

Name of the Vulnerable Software and Affected Versions: Metro UI versions 4.4.0 through 4.5.1 Description: The issue is related to a reflected cross-site scripting XSS vulnerability. This occurs via a Javascript function where user input is not properly sanitized before rendering in the textarea...

6.1CVSS5.8AI score0.00473EPSS
Exploits1References6
OSV
OSV
added 2022/07/16 12:0 a.m.13 views

GHSA-PRC3-VJFX-VHM9 Angular (deprecated package) Cross-site Scripting

All versions of package angular are vulnerable to Cross-site Scripting XSS due to insecure page caching in the Internet Explorer browser, which allows interpolation of elements. NPM package angular is deprecated. Those who want to receive security updates should use the actively maintained packag...

6.1CVSS7.1AI score0.06817EPSS
Exploits1References14
Prion
Prion
added 2022/07/15 8:15 p.m.32 views

Cross site scripting

All versions of package angular are vulnerable to Cross-site Scripting XSS due to insecure page caching in the Internet Explorer browser, which allows interpolation of elements...

5.8CVSS5.8AI score0.06817EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2022/07/15 8:15 p.m.55 views

CVE-2022-25869

All versions of the package angular; all versions of the package angularjs.core; all versions of the package angularjs are vulnerable to Cross-site Scripting XSS due to insecure page caching in the Internet Explorer browser, which allows interpolation of elements...

6.1CVSS6.8AI score0.06817EPSS
Exploits1References2
OSV
OSV
added 2022/07/15 8:15 p.m.10 views

UBUNTU-CVE-2022-25869

All versions of the package angular; all versions of the package angularjs.core; all versions of the package angularjs are vulnerable to Cross-site Scripting XSS due to insecure page caching in the Internet Explorer browser, which allows interpolation of elements...

6.1CVSS6.8AI score0.06817EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2022/07/15 8:2 p.m.76 views

CVE-2022-25869

All versions of the package angular; all versions of the package angularjs.core; all versions of the package angularjs are vulnerable to Cross-site Scripting XSS due to insecure page caching in the Internet Explorer browser, which allows interpolation of elements...

6.1CVSS6.6AI score0.06817EPSS
Exploits1
CVE
CVE
added 2022/07/15 8:2 p.m.270 views

CVE-2022-25869

CVE-2022-25869 affects multiple Angular/AngularJS packages with an XSS through insecure IE page caching that allows textarea interpolation. Connected IBM advisory confirms impact on IBM Storage Copy Data Management: affected versions 2.2.0.0–2.2.26.0, with a fix available in 2.2.27.0 for Linux pl...

6.1CVSS5.8AI score0.06817EPSS
Exploits1References12Affected Software1
CNNVD
CNNVD
added 2022/07/15 12:0 a.m.2 views

Angular 跨站脚本漏洞

Angular is a development platform. It is used to build mobile and desktop web applications using Typescript / JavaScript and other languages. A cross-site scripting vulnerability exists in Angular, which stems from an insecure page cache in Internet Explorer that allows the insertion of textarea...

6.1CVSS6.5AI score0.06817EPSS
Exploits1References14
Snyk
Snyk
added 2022/07/14 1:57 p.m.5 views

Cross-site Scripting (XSS)

Overview AngularJS.Core is an AngularJS. package for other Angular modules within .NET. Affected versions of this package are vulnerable to Cross-site Scripting XSS due to insecure page caching in the Internet Explorer browser, which allows interpolation of elements. Details Cross-site scripting ...

6.1CVSS5.3AI score0.06817EPSS
Exploits1References2
Snyk
Snyk
added 2022/07/14 1:57 p.m.5 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS due to insecure page caching in the Internet Explorer browser, which allows interpolation of elements. Details Cross-site scripting or XSS is a code vulnerability that occurs when an attacker “injects” a malicio...

6.1CVSS5.3AI score0.06817EPSS
Exploits1References2
Rows per page
Query Builder