3 matches found
EUVD-2022-4096
Malicious code in bioql PyPI...
GHSA-H7G4-65MF-6MXH Cross-site Scripting in Graylog Server
Graylog before v2.4.4 has an XSS security issue with unescaped text in notifications, related to toastr and util/UserNotification.js...
Rocket.Chat: Post-Auth Stored XSS with User Interaction leads to Remote Code Execution
Summary: Unsafe usage of the toastr library leads to Stored XSS when combined with a validation bypass in the createRoom function. Targeting an admin account leads to Remote Code Execution. Description: The frontend uses the toastr library to display error messages to the user. However, it is use...