CVE-2025-11360

A vulnerability was detected in jakowenko double-take up to 1.13.1. The impacted element is the function app.use of the file api/src/app.js of the component API. The manipulation of the argument X-Ingress-Path results in cross site scripting. The attack can be executed remotely. Upgrading to...

CVE-2025-11360 jakowenko double-take API app.js app.use cross site scripting

A vulnerability was detected in jakowenko double-take up to 1.13.1. The impacted element is the function app.use of the file api/src/app.js of the component API. The manipulation of the argument X-Ingress-Path results in cross site scripting. The attack can be executed remotely. Upgrading to...

SUSE CVE-2022-31160

jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of jQuery. Versions prior to 1.13.2 are potentially vulnerable to cross-site scripting. Initializing a checkboxradio widget on an input enclosed within a label makes that parent label contents...

Command Injection

Overview async-git is a 👾 Retrieve data from current git repository Affected versions of this package are vulnerable to Command Injection via shell meta-characters back-ticks. For example: git.reset'atouch HACKEDb' Remediation Upgrade async-git to version 1.13.2 or higher. References - GitHub...