Lucene search
K

38 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-7792

Malicious code in bioql PyPI...

9.3CVSS6.3AI score0.00557EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-21704

Malicious code in bioql PyPI...

5.3CVSS6.3AI score0.0067EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-3455

Malicious code in bioql PyPI...

5.3CVSS6.4AI score0.00647EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/07/18 1:58 p.m.5 views

CVE-2025-53892

Vue I18n is the internationalization plugin for Vue.js. The escapeParameterHtml: true option in Vue I18n is designed to protect against HTML/script injection by escaping interpolated parameters. However, starting in version 9.0.0 and prior to versions 9.14.5, 10.0.8, and 11.1.0, this setting fail...

5.3CVSS6.5AI score0.0067EPSS
Exploits0References1
Veracode
Veracode
added 2025/07/18 11:4 a.m.5 views

Cross-site Scripting (XSS)

Vue I18n is vulnerable to Cross-site Scripting XSS. The vulnerability is due to incomplete escaping of interpolated parameters caused by the failure of the escapeParameterHtml: true option to prevent tag-based payload execution when rendered using v-html, even with minor HTML in translation strin...

5.3CVSS5.9AI score0.0067EPSS
Exploits0References9Affected Software5
Github Security Blog
Github Security Blog
added 2025/07/16 7:32 p.m.12 views

vue-i18n's escapeParameterHtml does not prevent DOM-based XSS through its tag attributes

Summary The escapeParameterHtml: true option in Vue I18n is designed to protect against HTML/script injection by escaping interpolated parameters. However, this setting fails to prevent execution of certain tag-based payloads, such as , if the interpolated value is inserted inside an HTML context...

5.3CVSS5.2AI score0.0067EPSS
Exploits0References10Affected Software5
OSV
OSV
added 2025/07/16 7:32 p.m.2 views

GHSA-X8QP-WQQM-57PH vue-i18n's escapeParameterHtml does not prevent DOM-based XSS through its tag attributes

Summary The escapeParameterHtml: true option in Vue I18n is designed to protect against HTML/script injection by escaping interpolated parameters. However, this setting fails to prevent execution of certain tag-based payloads, such as , if the interpolated value is inserted inside an HTML context...

5.3CVSS6.1AI score0.0067EPSS
Exploits0References10
NVD
NVD
added 2025/07/16 2:15 p.m.7 views

CVE-2025-53892

Vue I18n is the internationalization plugin for Vue.js. The escapeParameterHtml: true option in Vue I18n is designed to protect against HTML/script injection by escaping interpolated parameters. However, starting in version 9.0.0 and prior to versions 9.14.5, 10.0.8, and 11.1.0, this setting fail...

5.3CVSS0.0067EPSS
Exploits0References8
OSV
OSV
added 2025/07/16 1:42 p.m.7 views

CVE-2025-53892 Intlify Vue I18n's escapeParameterHtml does not prevent DOM-based XSS via tag attributes like onerror

Vue I18n is the internationalization plugin for Vue.js. The escapeParameterHtml: true option in Vue I18n is designed to protect against HTML/script injection by escaping interpolated parameters. However, starting in version 9.0.0 and prior to versions 9.14.5, 10.0.8, and 11.1.0, this setting fail...

5.3CVSS6.4AI score0.0067EPSS
Exploits0References10
Cvelist
Cvelist
added 2025/07/16 1:42 p.m.112 views

CVE-2025-53892 Intlify Vue I18n's escapeParameterHtml does not prevent DOM-based XSS via tag attributes like onerror

Vue I18n is the internationalization plugin for Vue.js. The escapeParameterHtml: true option in Vue I18n is designed to protect against HTML/script injection by escaping interpolated parameters. However, starting in version 9.0.0 and prior to versions 9.14.5, 10.0.8, and 11.1.0, this setting fail...

5.3CVSS0.0067EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2025/07/16 1:42 p.m.3 views

CVE-2025-53892 Intlify Vue I18n's escapeParameterHtml does not prevent DOM-based XSS via tag attributes like onerror

Vue I18n is the internationalization plugin for Vue.js. The escapeParameterHtml: true option in Vue I18n is designed to protect against HTML/script injection by escaping interpolated parameters. However, starting in version 9.0.0 and prior to versions 9.14.5, 10.0.8, and 11.1.0, this setting fail...

5.3CVSS5.9AI score0.0067EPSS
Exploits0References8
CVE
CVE
added 2025/07/16 1:42 p.m.28 views

CVE-2025-53892

CVE-2025-53892 (Vue I18n) describes a DOM-based XSS in the Vue I18n escapeParameterHtml: true option. Vulnerability occurs when interpolated parameters are rendered inside HTML via v-html, allowing tag-based payloads (e.g., ) to execute in versions before fixes. The advisory notes affected ranges...

5.3CVSS6.1AI score0.0067EPSS
Exploits0References8
Snyk
Snyk
added 2025/07/16 4:57 a.m.3 views

Cross-site Scripting (XSS)

Overview org.webjars.bowergithub.kazupon:vue-i18n is an Internationalization plugin for Vue.js Affected versions of this package are vulnerable to Cross-site Scripting XSS when performing translations with escapeParameterHtml set to true. An attacker can execute arbitrary JavaScript code in the...

9.3CVSS5.4AI score0.0067EPSS
Exploits0References2
Snyk
Snyk
added 2025/07/16 4:57 a.m.4 views

Cross-site Scripting (XSS)

Overview org.webjars.npm:vue-i18n is an Internationalization plugin for Vue.js Affected versions of this package are vulnerable to Cross-site Scripting XSS when performing translations with escapeParameterHtml set to true. An attacker can execute arbitrary JavaScript code in the context of the...

9.3CVSS5.4AI score0.0067EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2025/07/16 4:57 a.m.5 views

org.webjars.npm:gip-recia__esco-content-menu (=0.3.4), org.webjars.npm:gip-recia__eyebrow-user-info (=0.6.2) +3 more potentially affected by CVE-2025-53892 via org.webjars.npm:vue-i18n (>=9.0.0-rc.9 <=9.14.3)

org.webjars.npm:vue-i18n MAVEN version =9.0.0-rc.9, =0.0.1, =1.12.0, =1.12.0, =1.40.2 Source cves: CVE-2025-53892 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-10771083...

5.3CVSS5.8AI score0.0067EPSS
Exploits0
CNNVD
CNNVD
added 2025/07/16 12:0 a.m.4 views

vue-i18n 跨站脚本漏洞

vue-i18n is an application from intlify open source. A cross-site scripting vulnerability exists in vue-i18n versions prior to 9.0.0 through 9.14.5, prior to 10.0.8, and prior to 11.1.0, which stems from insufficient HTML context parameter escaping and could lead to a DOM-type cross-site scriptin...

5.3CVSS5.7AI score0.0067EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/07/16 12:0 a.m.7 views

PT-2025-29827

Name of the Vulnerable Software and Affected Versions Vue I18n versions 9.0.0 through 9.14.4 Vue I18n versions 10.0.0 through 10.0.7 Vue I18n versions 11.0.0 through 11.0.9 Description Vue I18n, an internationalization plugin for Vue.js, contains a flaw in the escapeParameterHtml: true option. Th...

5.3CVSS5.9AI score0.0067EPSS
Exploits0References18
RedhatCVE
RedhatCVE
added 2025/05/23 10:32 a.m.7 views

CVE-2024-52809

vue-i18n is an internationalization plugin for Vue.js. In affected versions vue-i18n can be passed locale messages to createI18n or useI18n. When locale message ASTs are generated in development mode there is a possibility of Cross-site Scripting attack. This issue has been addressed in versions...

5.3CVSS6.4AI score0.00647EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/09 4:32 p.m.28 views

CVE-2025-27597

Vue I18n is the internationalization plugin for Vue.js. @intlify/message-resolver and @intlify/vue-i18n-core are vulnerable to Prototype Pollution through the entry function: handleFlatJson. An attacker can supply a payload with Object.prototype setter to introduce or modify properties within the...

9.3CVSS7.8AI score0.00557EPSS
Exploits0References1
Snyk
Snyk
added 2025/03/07 4:42 p.m.3 views

Prototype Pollution

Overview org.webjars.bowergithub.kazupon:vue-i18n is an Internationalization plugin for Vue.js Affected versions of this package are vulnerable to Prototype Pollution through the handleFlatJson function due to improper input validation. An attacker can introduce or modify properties within the...

9.3CVSS8.5AI score0.00557EPSS
Exploits0References2
Rows per page
Query Builder