-
By default the table option `escape` is set to `false`, which means any data by a potential attacker will end up unencoded in the DOM, which might make the table susceptible to Cross-Site Scripting at…
-
Vulnerable Library - moment-1.7.2.min.js
Parse, validate, manipulate, and display dates
Library home page: https://cdnjs.cloudflare.com/ajax/libs/moment.js/1.7.2/moment.min.js
Path to vulnerable lib…
-
It seems the "strict" version of the schema might yield better results with respect to a Regex error in earlier versions of the JSON schema.
-
```
script removeFilter(attributeID string) {
const attributesInput = document.getElementById('attributes-input');
let attributes = attributesInput.value.split(',').filter(attr => attr !== attrib…
```
-
## CVE-2022-24785 - High Severity Vulnerability
Vulnerable Library - github.com/tdewolff/Minify/v2-v2.9.21
Go minifiers for web formats
Library home page: https://proxy.golang.org/github.com/tdewolf…
-
The current spec includes YAML, CommonMark and Handlebars. All of which have large attack surfaces making it very difficult for implementers to create a secure parser and renderer. Considering that ma…
-
```
hi,
vsprintf doesn't check the length of the string, whereas vsnprintf does.
So it's better to use vsnprintf instead, to avoid buffer overruns.
string.c:53
cheers,
```
Original issue reporte…