5 matches found
Gotenberg 代码问题漏洞
Gotenberg is an open-source, developer-friendly API developed by Gotenberg. It is used to convert various document formats into PDF files. Versions of Gotenberg 8.30.1 and earlier contained code vulnerabilities. These vulnerabilities stemmed from the default private IP denial-of-service list usin...
PT-2025-53448
Name of the Vulnerable Software and Affected Versions Gitea versions prior to 1.20.1 Description A flaw exists in Gitea that allows the use of a forbidden URL scheme, such as javascript:, within a link, which can lead to cross-site scripting XSS. Recommendations Update Gitea to version 1.20.1 or...
Promptcraft Forge Studio 安全漏洞
Promptcraft Forge Studio is a developer toolkit for Marcelo Tessaro Individual Developer. A security vulnerability exists in Promptcraft Forge Studio that stems from an incomplete URL scheme check, which could lead to cross-site scripting attacks...
Mozilla: Full screen notification obscured by external program
The Mozilla Foundation Security Advisory describes this flaw as: A website could have obscured the full screen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks...
Mozilla: Fullscreen notification obscured
The Mozilla Foundation Security Advisory describes this flaw as: A website could have obscured the fullscreen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks...