Lucene search
K

5 matches found

CVE
CVE
added 2026/06/02 4:59 p.m.34 views

CVE-2026-33244

CVE-2026-33244 affects React Router in versions 7.5.1–7.13.1 when using Framework Mode with pre-rendering enabled. The issue is improper neutralization of the HTTP Location header value, allowing Cross-Site Scripting (XSS) in statically generated HTML if the redirect target comes from an untruste...

5.4CVSS5.8AI score0.00144EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/11/27 12:0 a.m.2 views

WordPress plugin WassUp Real Time Analytics security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability in the WordPress...

6.1CVSS6AI score0.0051EPSS
Exploits2References1
OSV
OSV
added 2022/10/26 8:15 p.m.6 views

AZL-11357 CVE-2022-39348 affecting package python-twisted for versions less than 22.10.0-2

Twisted is an event-based framework for internet applications. Started with version 0.9.4, when the host header does not match a configured host twisted.web.vhost.NameVirtualHost will return a NoResource resource which renders the Host header unescaped into the 404 response allowing HTML and scri...

5.4CVSS7.1AI score0.01156EPSS
Exploits1References1
OSV
OSV
added 2022/07/26 12:1 a.m.3 views

GHSA-WFVX-FX73-3RFJ markdown-it-toc Cross-site Scripting due to title of generated toc and contents of header not being escaped

This affects all versions of package markdown-it-toc. The title of the generated toc and the contents of the header are not escaped...

6.1CVSS6.7AI score0.00514EPSS
Exploits1References2
securityvulns
securityvulns
added 2002/10/02 12:0 a.m.39 views

Apache Host: crossite scripting

404 error message contains unescaped Host: header of HTTP request...

0.1AI score
Exploits0References1Affected Software1
Rows per page
Query Builder