5 matches found
CVE-2023-24811
Misskey is an open source, decentralized social media platform. In versions prior to 13.3.2 the URL preview function is subject to a cross site scripting vulnerability due to insufficient URL validation. Arbitrary JavaScript is executed when a malicious URL is loaded in the View in Player or View...
CVE-2023-24811
Misskey is an open source, decentralized social media platform. In versions prior to 13.3.2 the URL preview function is subject to a cross site scripting vulnerability due to insufficient URL validation. Arbitrary JavaScript is executed when a malicious URL is loaded in the View in Player or View...
CVE-2023-24811 Cross site scripting (XSS) vulnerability using url preview in Misskey
Misskey is an open source, decentralized social media platform. In versions prior to 13.3.2 the URL preview function is subject to a cross site scripting vulnerability due to insufficient URL validation. Arbitrary JavaScript is executed when a malicious URL is loaded in the View in Player or View...
Misskey 跨站脚本漏洞
Misskey is a set of micro-blogging platform. A cross-site scripting vulnerability exists in versions prior to Misskey 13.3.2, which stems from insufficient validation of URLs and a cross-site scripting vulnerability that can be exploited by an attacker to execute arbitrary JavaScript...
UBUNTU-CVE-2020-13347
A command injection vulnerability was discovered in Gitlab runner versions prior to 13.2.4, 13.3.2 and 13.4.1. When the runner is configured on a Windows system with a docker executor, which allows the attacker to run arbitrary commands on Windows host, via DOCKERAUTHCONFIG build variable...