lucy-xss-filter before commit e5826c0 allows an attacker to execute malicious JavaScript due to improper sanitization caused by misconfigured default superset rule files.
lucy-xss-filter before commit 7c1de6d allows an attacker to induce server-side HEAD requests to arbitrary URLs when the ObjectSecurityListener or EmbedSecurityListener option is enabled and embed or o
Whale browser before 3.26.244.21 allows an attacker to execute malicious JavaScript due to improper sanitization when processing a built-in extension.
A stored cross-site scripting (XSS) vulnerability in AIxBlock commit 04f305 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the model_desc field.
The question bank filter required additional sanitizing to prevent a reflected XSS risk.
An Improper Neutralization of Input During Web Page Generation vulnerability was identified in GitHub Enterprise Server that allowed attacker controlled HTML to be rendered by the Filter component (se
Inadequate content filtering within the checkAttribute methods leads to XSS vulnerabilities in various components.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Andon Ivanov OZ Canonical oz-canonical allows Reflected XSS.This issue affects OZ Canonical: from
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in YMC Filter & Grids allows Stored XSS.This issue affects Filter & Grids: from n/a through 2.
The express-xss-sanitizer (aka Express XSS Sanitizer) package through 2.0.0 for Node.js has an unbounded recursion depth in sanitize in lib/sanitize.js for a JSON request body.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in asokaaso2 Kikx Simple Post Author Filter sa-post-author-filter allows Reflected XSS.This issue aff
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PenciDesign Penci Filter Everything penci-filter-everything allows DOM-Based XSS.This issue affect
Unauthenticated Cross Site Scripting (XSS) in Product Filter Widget for Elementor <= 1.0.6 versions.
A vulnerability was found in gorhill uBlock Origin up to 1.63.3b16. It has been classified as problematic. Affected is the function currentStateChanged of the file src/js/1p-filters.js of the componen
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in A WP Life Blog Filter blog-filter allows DOM-Based XSS.This issue affects Blog Filter: from n/a th
In JetBrains YouTrack before 2024.3.47707 improper HTML sanitization could lead to XSS attack via comment tag
A Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability allows attackers to run arbitrary javascript via a reflected XSS issue in the search fields.This issue aff
A vulnerability was found in chinese-poetry 0.1. It has been rated as problematic. This issue affects some unknown processing of the file rank/server.js. The manipulation leads to inefficient regular
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in chenyenming Ui Slider Filter By Price ui-slider-filter-by-price allows Reflected XSS.This issue af
A Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in spacewalk-java allows execution of arbitrary Javascript code on users machines.This issue affects Cont
Page 1+ Next →