4 matches found
GO-2026-4679 Traefik: kubernetes gateway rule injection via unescaped backticks in HTTPRoute match values in github.com/traefik/traefik
Traefik: kubernetes gateway rule injection via unescaped backticks in HTTPRoute match values in github.com/traefik/traefik...
EUVD-2026-11201
Traefik: kubernetes gateway rule injection via unescaped backticks in HTTPRoute match values...
GHSA-3HCM-GGVF-RCH5 OpenClaw has an exec allowlist bypass via command substitution/backticks inside double quotes
Summary Exec approvals allowlist bypass via command substitution/backticks inside double quotes. Affected Packages / Versions - Package: openclaw npm - Affected: = 2026.2.2 Impact Only affects setups that explicitly enable the optional exec approvals allowlist feature. Default installs are...
GHSA-VH22-6C6H-RM8Q jte's HTML templates containing Javascript template strings are subject to XSS
Summary Jte HTML templates with script tags or script attributes that include a Javascript template string backticks are subject to XSS. Details The javaScriptBlock and javaScriptAttribute methods in the Escape class source do not escape backticks, which are used for Javascript template strings...