Lucene search
K

12 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-4840

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.00905EPSS
Exploits0References3
OSV
OSV
added 2022/05/14 12:58 a.m.24 views

GHSA-PJV3-RH6V-2PJ8 Cross-site Scripting in wicket-jquery-ui

In wicket-jquery-ui = 6.29.0, = 7.10.1, = 8.0.0-M9.1, JS code created in WYSIWYG editor will be executed on display...

6.1CVSS6.2AI score0.0084EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2022/05/14 12:58 a.m.81 views

Cross-site Scripting in wicket-jquery-ui

In wicket-jquery-ui = 6.29.0, = 7.10.1, = 8.0.0-M9.1, JS code created in WYSIWYG editor will be executed on display...

6.1CVSS1.3AI score0.0084EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/05/14 12:58 a.m.20 views

GHSA-PWPC-HQQ2-HX2X Cross-site Scripting in wicket-jquery-ui

In Wicket jQuery UI 6.28.0 and earlier, 7.9.1 and earlier, and 8.0.0-M8 and earlier, a security issue has been discovered in the WYSIWYG editor that allows an attacker to submit arbitrary JS code to WYSIWYG editor...

6.1CVSS6.3AI score0.00905EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2022/05/14 12:58 a.m.76 views

Cross-site Scripting in wicket-jquery-ui

In Wicket jQuery UI 6.28.0 and earlier, 7.9.1 and earlier, and 8.0.0-M8 and earlier, a security issue has been discovered in the WYSIWYG editor that allows an attacker to submit arbitrary JS code to WYSIWYG editor...

6.1CVSS6.4AI score0.00905EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2018/04/18 7:29 p.m.20 views

CVE-2018-1325

In Apache wicket-jquery-ui = 6.29.0, = 7.10.1, = 8.0.0-M9.1, JS code created in WYSIWYG editor will be executed on display...

6.1CVSS6.6AI score
Exploits0References1
Prion
Prion
added 2018/04/18 7:29 p.m.14 views

Code injection

In Apache wicket-jquery-ui = 6.29.0, = 7.10.1, = 8.0.0-M9.1, JS code created in WYSIWYG editor will be executed on display...

4.3CVSS6.3AI score0.0084EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2018/04/18 7:0 p.m.68 views

CVE-2018-1325

CVE-2018-1325 affects the Wicket-JQuery-UI integration. In versions ≤ 6.29.0, ≤ 7.10.1, and ≤ 8.0.0-M9.1, JavaScript code created in the WYSIWYG editor can be executed on display, enabling cross-site scripting (XSS) as described in multiple sources. The connected documents corroborate an XSS risk...

6.1CVSS6.2AI score0.0084EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2018/03/12 1:29 p.m.26 views

CVE-2017-15719

In Wicket jQuery UI 6.28.0 and earlier, 7.9.1 and earlier, and 8.0.0-M8 and earlier, a security issue has been discovered in the WYSIWYG editor that allows an attacker to submit arbitrary JS code to WYSIWYG editor...

6.1CVSS6.6AI score0.00905EPSS
Exploits0References2
Prion
Prion
added 2018/03/12 1:29 p.m.20 views

Design/Logic Flaw

In Wicket jQuery UI 6.28.0 and earlier, 7.9.1 and earlier, and 8.0.0-M8 and earlier, a security issue has been discovered in the WYSIWYG editor that allows an attacker to submit arbitrary JS code to WYSIWYG editor...

4.3CVSS6.3AI score0.00905EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2018/03/12 1:29 p.m.31 views

CVE-2017-15719

In Wicket jQuery UI 6.28.0 and earlier, 7.9.1 and earlier, and 8.0.0-M8 and earlier, a security issue has been discovered in the WYSIWYG editor that allows an attacker to submit arbitrary JS code to WYSIWYG editor...

6.1CVSS6.4AI score0.00905EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/03/12 1:0 p.m.31 views

CVE-2017-15719

In Wicket jQuery UI 6.28.0 and earlier, 7.9.1 and earlier, and 8.0.0-M8 and earlier, a security issue has been discovered in the WYSIWYG editor that allows an attacker to submit arbitrary JS code to WYSIWYG editor...

6.3AI score0.00905EPSS
Exploits0References2
Rows per page
Query Builder