4 matches found
NPM: Kysely: JSON-path traversal injection via unsanitized path-leg metacharacters in `JSONPathBuilder.key()` / `.at()`
NPM: Kysely: JSON-path traversal injection via unsanitized path-leg metacharacters in JSONPathBuilder.key / .at vulnerability discovered by ? in WordPress Npm kysely versions = 0.26.0, 0.28.17...
CVE-2025-63589
A reflected XSS vulnerability exists in CMSimpleXH 1.8's index.php router when attacker-controlled path segments are not sanitized or encoded before being inserted into the generated HTML navigation links, breadcrumbs, search form action, footer links. An attacker-controlled string placed in the...
CVE-2025-63589
A reflected XSS vulnerability exists in CMSimpleXH 1.8's index.php router when attacker-controlled path segments are not sanitized or encoded before being inserted into the generated HTML navigation links, breadcrumbs, search form action, footer links. An attacker-controlled string placed in the...
CVE-2025-63589
A reflected XSS vulnerability exists in CMSimpleXH 1.8's index.php router when attacker-controlled path segments are not sanitized or encoded before being inserted into the generated HTML navigation links, breadcrumbs, search form action, footer links. An attacker-controlled string placed in the...