8 matches found
EUVD-2026-39100
Tiptap for PHP before version 2.1.1 contains an input validation vulnerability that allows authenticated attackers to cause a denial of service by submitting Tiptap JSON with the attrs.href field set to an array instead of a string, causing an unhandled TypeError in the Link::isAllowedUri functio...
CVE-2026-47110
Tiptap for PHP before version 2.1.1 contains an input validation vulnerability that allows authenticated attackers to cause a denial of service by submitting Tiptap JSON with the attrs.href field set to an array instead of a string, causing an unhandled TypeError in the Link::isAllowedUri functio...
EUVD-2025-27042
Malicious code in bioql PyPI...
Cross-site Scripting (XSS) - Stored in chatwoot/chatwoot
Title Stored XSS in customattributes Description Relying on frontend URI check without verifying it on the backend allows to inject arbitrary JS code. Steps to reproduce 1. 1. Create a custom attribute, set its type to Link 2. 2. Navigate to any conversation, click on the right sidebar. 3. 3...
CVE-2006-2920
Sylpheed-Claws before 2.2.2 and Sylpheed before 2.2.6 allow remote attackers to bypass the URI check functionality and makes it easier to conduct phishing attacks via a URI that begins with a space character...
CVE-2006-2920
Sylpheed-Claws before 2.2.2 and Sylpheed before 2.2.6 allow remote attackers to bypass the URI check functionality and makes it easier to conduct phishing attacks via a URI that begins with a space character...
CVE-2006-2920
Sylpheed-Claws before 2.2.2 and Sylpheed before 2.2.6 allow remote attackers to bypass the URI check functionality and makes it easier to conduct phishing attacks via a URI that begins with a space character...
CVE-2006-2920
Sylpheed-Claws before 2.2.2 and Sylpheed before 2.2.6 allow remote attackers to bypass the URI check functionality and makes it easier to conduct phishing attacks via a URI that begins with a space character...