8 matches found
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS in the rendering of user-controlled input in the identity name field without proper output encoding. An attacker can execute arbitrary JavaScript in the context of the WebUI by storing malicious scripts in the...
CVE-2022-2507
In affected versions of Octopus Deploy it is possible to render user supplied input into the webpage...
Solid Lacks Escaping of HTML in JSX Fragments allows for Cross-Site Scripting (XSS)
Inserts/JSX expressions inside illegal inlined JSX fragments lacked escaping, allowing user input to be rendered as HTML when put directly inside JSX fragments. For instance, ?text= would trigger XSS here. js const text = createResource = return new...
CVE-2025-27109
solid-js is a declarative, efficient, and flexible JavaScript library for building user interfaces. In affected versions Inserts/JSX expressions inside illegal inlined JSX fragments lacked escaping, allowing user input to be rendered as HTML when put directly inside JSX fragments. This issue has...
CVE-2022-2507
In affected versions of Octopus Deploy it is possible to render user supplied input into the webpage...
CVE-2022-2507
In affected versions of Octopus Deploy it is possible to render user supplied input into the webpage...
CVE-2022-2507
In affected versions of Octopus Deploy it is possible to render user supplied input into the webpage...
html-social-share-buttons
It is an HTML/CSS/JavaScript library for adding social media sha...