6 matches found
CVE-2025-59854 HCL DFXAnalytics is affected by an Insecure Security Header Configuration vulnerability
HCL DFXAnalytics is affected by an Insecure Security Header Configuration vulnerability where the application utilizes the outdated X-XSS-Protection header, which could allow an attacker to exploit browser-specific rendering flaws or bypass security controls that should instead be managed by a...
EUVD-2023-51402
Malicious code in bioql PyPI...
PT-2025-17868
Name of the Vulnerable Software and Affected Versions: React Router versions 7.0 through 7.5.1 Description: The issue allows an attacker to modify pre-rendered data by adding a header to the request, potentially leading to various exploits, including stored XSS. This is possible due to a...
PT-2020-6877 · Abb · Abb Esoms
Name of the Vulnerable Software and Affected Versions: ABB eSOMS versions 4.0 through 6.0.2 Description: The issue is related to the absence of the X-XSS-Protection HTTP response header in responses from the web server. This might increase the risk of Cross-Site Scripting (XSS) attacks, particularl...
Cerber Limit Login Attempts <= 2.0.1.6 - Unauthenticated Stored XSS
If the option "I'm behind a proxy" is enabled, the visitor IP is read from X-Forwarded-For header, stored & printed in the admin panel without any sanitization / validation. Set the X-Forwarded-For header to alert1, and perform an incorrect login...
Oracle HTTP Server - XSS Header Injection
No description provided by source. Oracle HTTP Server XSS Header Injection. Attack...