3 matches found
PT-2026-23112
Name of the Vulnerable Software and Affected Versions Drupal Google Analytics GA4 versions prior to 1.1.14 Description The Google Analytics GA4 module does not properly sanitize custom attributes added to the script tag used to load the Google Analytics library, leading to a Cross-Site Scripting...
EUVD-2026-1698
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.18, 20.3.16, 21.0.7, and 21.1.0-rc.0, a cross-site scripting XSS vulnerability has been identified in the Angular Template Compiler. The...
GHSA-CCHQ-397M-Q2QM Grav CMS is vulnerable to Cross Site Scripting (XSS) in the page editor
Grav CMS 1.7.49 is vulnerable to Cross Site Scripting XSS. The page editor allows authenticated users to edit page content via a Markdown editor. The editor fails to properly sanitize tags, allowing stored XSS payloads to execute when pages are viewed in the admin interface...