BIT-JUPYTER-NOTEBOOK-2021-32798 Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in notebook

The Jupyter notebook is a web-based notebook environment for interactive computing. In affected versions untrusted notebook can execute code on load. Jupyter Notebook uses a deprecated version of Google Caja to sanitize user inputs. A public Caja bypass can be used to trigger an XSS when a victim...

Cross site scripting

An authenticated user can create a link with reflected XSS payload for actions’ pages, and send it to other users. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim. This attac...

Element Desktop 资源管理错误漏洞

Element Desktop is an open source Matrix client for the Element Web-centered desktop platform from Element. A resource management error vulnerability exists in Element Desktop that can be exploited by an attacker to specify the path to a binary file on the victim's computer...

Secomea GateManager Security Vulnerability

A security vulnerability exists in Secomea GateManager all versions prior to 9.3, which can be exploited by an attacker to run arbitrary commands on a victim's computer...