Headline

GHSA-jv64-2m3x-6v4q: Cross-site scripting (XSS) vulnerability exists in the "contact us" plugin for Subrion CMS

A cross-site scripting (XSS) vulnerability exists in the “contact us” plugin for Subrion CMS <= 4.2.1 version via "List of subjects".

2 years ago

ghsa

Open in Source

#xss #vulnerability #git

Cross-site scripting (XSS) vulnerability exists in the “contact us” plugin for Subrion CMS

Moderate severity GitHub Reviewed Published Apr 30, 2022 • Updated May 4, 2022

Woodpecker before 0.15.1 allows XSS via build logs because web/src/components/repo/build/BuildLog.vue lacks escaping.

2 years ago

ghsa

Open in Source

#xss #web #git

GHSA-pxpf-v376-7xx5: tagify can pass a malicious placeholder to initiate the cross-site scripting (XSS) payload

This affects the package @yaireo/tagify before 4.9.8. The package is used for rendering UI components inside the input or text fields, and an attacker can pass a malicious placeholder value to it to fire the cross-site scripting (XSS) payload.

2 years ago

ghsa

Open in Source

#xss #git

ghsa: Latest News

GHSA-9722-9j67-vjcr: Improper Authorization in Select Permissions

6 hours ago

ghsa

GHSA-qjrv-v6qp-x99x: SurrealDB has an Uncaught Exception Handling Parsing Errors on Empty Strings

6 hours ago

ghsa

GHSA-f3cx-396f-7jqp: Livewire Remote Code Execution on File Uploads

6 hours ago

ghsa

GHSA-ffcv-v6pw-qhrp: Denial of Service in TYPO3 Bookmark Toolbar

6 hours ago

ghsa

GHSA-9cp9-8gw2-8v7m: Adguard Home arbitrary file read vulnerability

7 hours ago

ghsa

Headline

GHSA-jv64-2m3x-6v4q: Cross-site scripting (XSS) vulnerability exists in the "contact us" plugin for Subrion CMS

Related news

ghsa: Latest News