CVE-2024-3063 WPB Elementor Addons <= 1.0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting

The WPB Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the output of 'tags' added to widgets in all versions up to, and including, 1.0.9 due to insufficient input sanitization and output escaping on user supplied tag attributes. This makes it possible for...

CVE-2017-7840

JavaScript can be injected into an exported bookmarks file by placing JavaScript code into user-supplied tags in saved bookmarks. If the resulting exported HTML file is later opened in a browser this JavaScript will be executed. This could be used in social engineering and self-cross-site-scripti...

Cross site scripting

JavaScript can be injected into an exported bookmarks file by placing JavaScript code into user-supplied tags in saved bookmarks. If the resulting exported HTML file is later opened in a browser this JavaScript will be executed. This could be used in social engineering and self-cross-site-scripti...

Novell File Reporter Agent XML Parsing Stack Buffer Overflow (CVE-2011-0994)

A stack buffer overflow vulnerability has been reported in the Agent component of Novell File Reporter. The vulnerability is due to improper boundary checks of user-supplied NAME tags in the input XML. The vulnerability is triggered upon parsing of a malicious XML tag with overly long content...