7 matches found
Malicious code in website-frontend-cms (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 04f43ddaad758a9041c06daacb15db027a4552836ee0f59caa0b4762c87acdc6 The OpenSSF Package Analysis project identified 'website-frontend-cms' @ 99.99.0 npm as malicious. It is considered malicious because: - The...
MAL-2023-1573 Malicious code in website-frontend-cms (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 04f43ddaad758a9041c06daacb15db027a4552836ee0f59caa0b4762c87acdc6 The OpenSSF Package Analysis project identified 'website-frontend-cms' @ 99.99.0 npm as malicious. It is considered malicious because: - The...
Malicious code in ayalon-demo-website-frontend (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 19a8e8fa18dc522718907d033a494ba3caeb4164e641ae7dc4ab866c88cb8886 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-1215 Malicious code in ayalon-demo-website-frontend (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 19a8e8fa18dc522718907d033a494ba3caeb4164e641ae7dc4ab866c88cb8886 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2021-32768
TYPO3 is an open source PHP based web content management system released under the GNU GPL. In affected versions failing to properly parse, sanitize and encode malicious rich-text content, the content rendering process in the website frontend is vulnerable to cross-site scripting. Corresponding...
Cross-Site Scripting via Rich-Text Content
Failing to properly parse, sanitize and encode malicious rich-text content, the content rendering process in the website frontend is vulnerable to cross-site scripting. Corresponding rendering instructions via TypoScript functionality HTMLparser do not consider all potentially malicious HTML tag ...
Cross-Site Scripting in Frontend User Login
Failing to properly encode user input, login status display is vulnerable to cross-site scripting in the website frontend. A valid user account is needed in order to exploit this vulnerability - either a backend user or a frontend user having the possibility to modify their user profile...