Lucene search
K

4 matches found

Snyk
Snyk
added 2026/05/22 5:42 p.m.9 views

Cross-site Scripting (XSS)

Overview golang.org/x/net/html is a package that implements an HTML5-compliant tokenizer and parser. Affected versions of this package are vulnerable to Cross-site Scripting XSS in the inBodyEndTagOther function, when rendering sanitized HTML. An attacker can cause the execution of scripts in the...

6.1CVSS5.7AI score0.00188EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/22 5:42 p.m.15 views

Cross-site Scripting (XSS)

Overview github.com/golang/net/html is a package that implements an HTML5-compliant tokenizer and parser. Affected versions of this package are vulnerable to Cross-site Scripting XSS in the inBodyEndTagOther function, when rendering sanitized HTML. An attacker can cause the execution of scripts i...

6.1CVSS5.7AI score0.00188EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/03 2:35 p.m.54 views

CVE-2026-1285 Potential denial-of-service vulnerability in django.utils.text.Truncator HTML methods

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. django.utils.text.Truncator.chars and Truncator.words methods with html=True and the truncatecharshtml and truncatewordshtml template filters allow a remote attacker to cause a potential denial-of-service via...

0.00993EPSS
Exploits0References3
CVE
CVE
added 2026/02/03 2:35 p.m.47 views

CVE-2026-1285

CVE-2026-1285 affects Django 6.0.x before 6.0.2, 5.2.x before 5.2.11, and 4.2.x before 4.2.28. The issue concerns django.utils.text.Truncator.chars() and Truncator.words() with html=True, and truncatechars_html / truncatewords_html filters, which can allow a remote attacker to trigger a denial-of...

7.5CVSS5.5AI score0.00993EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder