20 matches found
CVE-2026-33978
Notesnook is a note-taking app focused on user privacy & ease of use. Prior to version 3.3.17, a stored XSS vulnerability exists in the mobile share / web clip flow because attacker-controlled clip metadata is concatenated into HTML without escaping and then rendered with innerHTML inside the...
CVE-2026-33978
Notesnook is a note-taking app focused on user privacy & ease of use. Prior to version 3.3.17, a stored XSS vulnerability exists in the mobile share / web clip flow because attacker-controlled clip metadata is concatenated into HTML without escaping and then rendered with innerHTML inside the...
CVE-2026-33978 Notesnook: Stored XSS in mobile share editor via unescaped web clip title metadata
Notesnook is a note-taking app focused on user privacy & ease of use. Prior to version 3.3.17, a stored XSS vulnerability exists in the mobile share / web clip flow because attacker-controlled clip metadata is concatenated into HTML without escaping and then rendered with innerHTML inside the...
CVE-2026-33978 Notesnook: Stored XSS in mobile share editor via unescaped web clip title metadata
Notesnook is a note-taking app focused on user privacy & ease of use. Prior to version 3.3.17, a stored XSS vulnerability exists in the mobile share / web clip flow because attacker-controlled clip metadata is concatenated into HTML without escaping and then rendered with innerHTML inside the...
CVE-2026-33978
Notesnook is a note-taking app focused on user privacy & ease of use. Prior to version 3.3.17, a stored XSS vulnerability exists in the mobile share / web clip flow because attacker-controlled clip metadata is concatenated into HTML without escaping and then rendered with innerHTML inside the...
PT-2026-29568
Notesnook is a note-taking app focused on user privacy & ease of use. Prior to version 3.3.17, a stored XSS vulnerability exists in the mobile share / web clip flow because attacker-controlled clip metadata is concatenated into HTML without escaping and then rendered with innerHTML inside the...
EUVD-2013-3582
Malware in sbrugna...
CVE-2013-3649
Cross-site scripting XSS vulnerability in KENT-WEB CLIP-MAIL before 3.4, when Internet Explorer 7 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an unspecified form field...
Unspecified Vulnerability in KENT-WEB Clip Board
KENT-WEB Clip Board is a set of forum applications from KENT-WEB Japan. An unspecified vulnerability exists in KENT-WEB Clip Board versions prior to 4.1. A remote attacker can exploit this vulnerability to delete arbitrary files...
CVE-2015-0888
KENT-WEB Clip Board before 4.1 allows remote attackers to delete arbitrary files via unspecified vectors...
CVE-2015-0888
KENT-WEB Clip Board before 4.1 allows remote attackers to delete arbitrary files via unspecified vectors...
KENT-WEB Clip Board vulnerability where arbitary files may be deleted
Overview Clip Board provided by KENT-WEB is a bulletin board software that allows users to upload binary files such as image files. KENT-WEB Clip Board contains a vulnerability that may allow a remote attacker to delete arbitrary files. Shoji Baba reported this vulnerability to IPA. JPCERT/CC...
CVE-2014-7258
Cross-site scripting XSS vulnerability in KENT-WEB Clip Board 2.91 and earlier, when running certain versions of Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in KENT-WEB Clip Board 2.91 and earlier, when running certain versions of Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2014-7258
Cross-site scripting XSS vulnerability in KENT-WEB Clip Board 2.91 and earlier, when running certain versions of Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2014-7258
CVE-2014-7258 is an XSS vulnerability in KENT-WEB Clip Board 2.91 and earlier that can execute arbitrary script in the browser when viewed with certain Internet Explorer versions. JVN details indicate the issue affects Clip Board up to ver. 2.91 and can be exploited in IE 5.01–7 environments lack...
CVE-2013-3649
Cross-site scripting XSS vulnerability in KENT-WEB CLIP-MAIL before 3.4, when Internet Explorer 7 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an unspecified form field...
Cross site scripting
Cross-site scripting XSS vulnerability in KENT-WEB CLIP-MAIL before 3.4, when Internet Explorer 7 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an unspecified form field...
CVE-2013-3649
The CVE-2013-3649 issue affects KENT-WEB CLIP-MAIL (before version 3.4). The root cause is a cross-site scripting (XSS) vulnerability in the webpage output of strings entered in a form, triggered when using Internet Explorer 7 or earlier. Affected products are CLIP-MAIL versions up to 3.3 (per JV...
CVE-2013-3649
Cross-site scripting XSS vulnerability in KENT-WEB CLIP-MAIL before 3.4, when Internet Explorer 7 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an unspecified form field...