3 matches found
CVE-2024-8101
A stored cross-site scripting XSS vulnerability exists in the Text Explorer component of aimhubio/aim version 3.23.0. The vulnerability arises due to the use of dangerouslySetInnerHTML without proper sanitization, allowing arbitrary JavaScript execution when rendering tracked texts. This can be...
CVE-2024-52595 HTML Cleaner allows crafted scripts in special contexts like svg or math to pass through
lxmlhtmlclean is a project for HTML cleaning functionalities copied from lxml.html.clean. Prior to version 0.4.0, the HTML Parser in lxml does not properly handle context-switching for special HTML tags such as , and . This behavior deviates from how web browsers parse and interpret such tags...
Google Chrome heap buffer overflow vulnerability (CNVD-2021-31243)
Chrome is a simple and efficiently designed web browsing tool developed by Google that is characterized by its simplicity and speed. A security vulnerability exists in Google Chrome that stems from a boundary error in the V8 browser engine when handling untrusted HTML content. No detailed...