6 matches found
CVE-2026-33370
An issue was discovered in Zimbra Collaboration ZCS 10.0 and 10.1. A stored cross-site scripting XSS vulnerability exists in the Zimbra Briefcase feature due to insufficient sanitization of specific uploaded file types. When a user opens a publicly shared Briefcase file containing malicious...
EUVD-2022-45213
Malicious code in bioql PyPI...
EUVD-2025-22729
Malicious code in bioql PyPI...
CVE-2023-7088
The Add SVG Support for Media Uploader | inventivo WordPress plugin through 1.0.5 does not sanitize uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads...
CVE-2024-4270
The SVGMagic WordPress plugin through 1.1 does not sanitize SVG file contents, which enables users with at least the author role to SVG with malicious JavaScript to conduct Stored XSS attacks...
CVE-2022-42136
Authenticated mail users, under specific circumstances, could add files with unsanitized content in public folders where the IIS user had permission to access. That action, could lead an attacker to store arbitrary code on that files and execute RCE commands...