EUVD-2023-2134

Malicious code in bioql PyPI...

CVE-2023-3672

Cross-site Scripting XSS - DOM in GitHub repository plaidweb/webmention.js prior to 0.5.5...

Cross-Site Scripting (XSS)

webmention.js is vulnerable to Cross-Site Scripting XSS attacks. The vulnerability is due to improper sanitization of the comments parameter in the formatComments function, allowing an attacker to inject and execute malicious JavaScript in a victim's browser...

webmention.js Cross-site Scripting vulnerability

webmention.js prior to 0.5.5 is vulnerable to cross-site scripting...

GHSA-R54G-4QQ6-CHXG webmention.js Cross-site Scripting vulnerability

webmention.js prior to 0.5.5 is vulnerable to cross-site scripting...

CVE-2023-3672

Cross-site Scripting XSS - DOM in GitHub repository plaidweb/webmention.js prior to 0.5.5...

Cross site scripting

Cross-site Scripting XSS - DOM in GitHub repository plaidweb/webmention.js prior to 0.5.5...

CVE-2023-3672 Cross-site Scripting (XSS) - DOM in plaidweb/webmention.js

Cross-site Scripting XSS - DOM in GitHub repository plaidweb/webmention.js prior to 0.5.5...

CVE-2023-3672 Cross-site Scripting (XSS) - DOM in plaidweb/webmention.js

Cross-site Scripting XSS - DOM in GitHub repository plaidweb/webmention.js prior to 0.5.5...

CVE-2023-3672 Cross-site Scripting (XSS) - DOM in plaidweb/webmention.js

Cross-site Scripting XSS - DOM in GitHub repository plaidweb/webmention.js prior to 0.5.5...

CVE-2023-3672

Summary: CVE-2023-3672 affects webmention.js (PlaidWeb) prior to 0.5.5, with a DOM-based cross-site scripting (XSS) vulnerability. The issue exists in the client-side library used to render webmentions, and is documented across multiple sources (GitHub advisories, Red Hat cve entry, OSV, CVE reco...

PT-2023-25689 · Unknown · Webmention.Js

Name of the Vulnerable Software and Affected Versions: webmention.js versions prior to 0.5.5 Description: The issue is related to Cross-site Scripting XSS - DOM in the webmention.js GitHub repository. This type of attack occurs when an application includes user input in its output without proper...

webmention.js 跨站脚本漏洞

webmention.js is a client-side library from the PlaidWeb project for rendering webmentions from webmention.io. A cross-site scripting vulnerability exists in versions of plaidweb webmention.j prior to 0.5.5, which stems from susceptibility to DOM-based cross-site scripting XSS attacks...

XSS in webmention.js

Description webmention.js has a XSS vulnerability here. Comment name has not escaped. https://github.com/PlaidWeb/webmention.js/blob/9457e71433c0d2430bbe767ecc5b5837140d0ee4/static/webmention.jsL330 Proof of Concept 1. 1 Put a webmention.js on your site 2. 2 Send a webmention that includes XSS...