5 matches found
EUVD-2018-6873
Malware in sbrugna...
Facets - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-100
This module enables you to to easily create and manage faceted search interfaces. The module doesn’t sufficiently filter certain user-provided text leading to a cross site scripting XSS vulnerability. This vulnerability is mitigated by the fact that an attacker must have a role with the permissio...
DRUPAL-CONTRIB-2025-078
GLightbox module is a pure Javascript lightbox for CKEditor. The module doesn't sufficiently filter user-supplied text for the GLightbox Javascript library leading to a Cross Site Scripting XSS vulnerability. This vulnerability is mitigated by the fact that an attacker must have a role with the...
Apache Syncope 输入验证错误漏洞
Apache Syncope is the United States Apache Apache Foundation's set of open source digital identity management system for use in enterprise environments. The system supports identity management, role configuration and more. Apache Syncope suffers from an input validation error vulnerability that c...
XSS Vulnerability in simple_format helper
The simpleformat helper converts user supplied text into html text which is intended to be safe for display. A change made to the implementation of this helper means that any user provided HTML attributes will not be escaped correctly. As a result of this error, applications which pass...