-
# Summary
A Reflected Cross-Site Scripting (XSS) vulnerability has been identified in SeaCms V12.9.
Multiple reflective XSS vulnerabilities were discovered in `\js\player\dmplayer\play\index.ph…
-
This issue happens for all cities that use your product.
Within the `/search` view, you can use the filter parameters to run JavaScript code in an HTML script tag. See the following for an example:
…
-
In ***AttributeSetFilter***, multiple parameters are not ***XSS*** filtered
*cn.keking.web.filter.AttributeSetFilter#setWatermarkAttribute*
![image](https://user-images.githubusercontent.com/5064738…
-
**Is your feature request related to a problem? Please describe.**
We have encountered a few scenarios where we manually had to edit the tagFilter in `core\mura\Portcullis.cfc:56` in order for our co…
-
Hello 👋
I run a security community that finds and fixes vulnerabilities in OSS. A researcher (@rudloff) has found a potential issue, which I would be eager to share with you.
Could you add a `SECURI…
-
CVE-2024-44792 (Reserved): This CVE ID has been assigned but is not yet public. PHPFlasher v2.0.1 is vulnerable to Cross Site Scripting (XSS) via the $flasher, flash() helper.
#### Description
P…
-
Issue: Feature Request
**Is your feature request related to a problem? Please describe.**
I am not able to Customize Form with Barcode because Ignore XSS Filter is not available!
**Describe the…
-
# Summary
ThinkSAAS version 3.7.0 contains multiple stored Cross-Site Scripting (XSS) vulnerabilities.
These vulnerabilities occur due to the lack of proper filtering of input variables in the `app…
-
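The framework is not Spring; it appears to be the company's own in-house framework.
Since Maven is not used, I downloaded the jar files and added them,
and I added the three Lucy configuration files (rule, xss, xss-sax). I also set up the filter in web.xml...
But the server kept throwing errors on startup, and when I looked into it, Lucy-xss-servlet-filter rule.xm…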
-
Dear Pandao team,
I would like to report a security vulnerability in Editor.md.
### Summary:
The "filterHTMLTags" function does not properly filter HTML tags, leading to XSS.
### Descripti…