15 matches found
CVE-2026-50742
CVE-2026-50742 describes a stored XSS in Revive Adserver 6.0.7, occurring in the maintenance tools, specifically in the files maintenance-acl-check.php and maintenance-banners-check.php . The root cause is that entity names are displayed without proper escaping when inconsistencies are detected, ...
EUVD-2026-30356
SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, SiYuan's Bazaar community marketplace renders the name and version fields of a package's plugin.json and the equivalent theme.json / template.json / widget.json / icon.json into the Settings → Marketplace UI without HT...
CVE-2026-35460 Papra has an HTML Injection in Transactional Emails via Unescaped User Display Name
Papra is a minimalistic document management and archiving platform. Prior to 26.4.0, transactional email templates in Papra interpolate user.name directly into HTML without escaping or sanitization. An attacker who registers with a display name containing HTML tags will have those tags injected...
EUVD-2026-19653
Papra is a minimalistic document management and archiving platform. Prior to 26.4.0, transactional email templates in Papra interpolate user.name directly into HTML without escaping or sanitization. An attacker who registers with a display name containing HTML tags will have those tags injected...
CVE-2026-35460
Papra (document management platform) is affected by an HTML injection in transactional emails prior to version 26.4.0, where user.display name is interpolated into email HTML without escaping. An attacker registering with a display name containing HTML could inject tags into verification and pass...
EUVD-2026-17552
Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, when the hidden prioritizefullnameinux site setting is enabled defaults to false, requires console access to change, user...
SUSE CVE-2025-13523
Mattermost Confluence plugin version 1.7.0 fails to properly escape user-controlled display names in HTML template rendering which allows authenticated Confluence users with malicious display names to execute arbitrary JavaScript in victim browsers via sending a specially crafted OAuth2 connectio...
CVE-2025-13523 Cross-Site Scripting (XSS) via Unescaped Display Names in Mattermost Confluence Plugin OAuth2 Flow
Mattermost Confluence plugin version 1.7.0 fails to properly escape user-controlled display names in HTML template rendering which allows authenticated Confluence users with malicious display names to execute arbitrary JavaScript in victim browsers via sending a specially crafted OAuth2 connectio...
CVE-2025-13523
CVE-2025-13523 affects Mattermost Confluence plugin versions prior to 1.7.0. The root cause is improper escaping of user-controlled display names during HTML template rendering. This allows authenticated Confluence users with malicious display names to trigger arbitrary JavaScript execution in a ...
EUVD-2022-3290
Malicious code in bioql PyPI...
WordPress plugin WP Popups 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
Jenkins 跨站脚本漏洞
Jenkins is a Jenkins open source application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins versions 2.340 through 2.355 contain a cross-site scripting vulnerability that stems from the tooling of the build...
Stored XSS vulnerability in Pipeline Maven Integration Plugin via unescaped display name
Pipeline Maven Integration Plugin 3.9.2 and earlier does not escape the upstream job’s display name shown as part of a build cause. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission. Pipeline Maven Integration Plugin 3.9.3 escap...
Cross-site scripting
Two kinds of XSS were found: 1. As mentioned in https://github.com/mongo-express/mongo-express/issues/577 when the content of a cell grows larger than supported size, clicking on a row will show full document unescaped, however this needs admin interaction on cell. 2. Data cells identified as med...
PT-2019-14718 · Jenkins · Jenkins Mission Control Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Mission Control Plugin versions 0.9.16 and earlier Description: The issue concerns a stored XSS vulnerability. It occurs because the plugin does not properly escape job display names and build names shown on its view. This can be...