-
I really love this project, but I found a potential XSS vulnerability:
When I send the email below to the smail address:
It can trigger the `alert` function.
I understand this project is …
-
Recently, our team discovered a security vulnerability due to incomplete XSS filtering.
**Location:**
https://github.com/phpipam/phpipam/blob/master/app/admin/instructions/preview.php#L22
![image](…
-
### Checklist
- [X] I've looked at the [documentation](https://summernote.org/deep-dive/) to make sure the behavior isn't documented and expected.
- [X] I'm sure this is an issue with Summernote, not…
-
Hello,
it seems no operation is done, on form submission or on access to quill.html, to ensure that the HTML tags of the quill field are secure and correspond to the allowed tags of the JS widget.
…
pakal updated
2 weeks ago
-
In ***AttributeSetFilter***, multiple parameters are not ***XSS*** filtered
*cn.keking.web.filter.AttributeSetFilter#setWatermarkAttribute*
![image](https://user-images.githubusercontent.com/5064738…
S2eTo updated
1 month ago
-
Hello, I found Stored XSS in Piwigo version [15.0.0beta2](https://github.com/Piwigo/Piwigo/releases/tag/15.0.0beta2)
**Impact:**
Leads to other users inadvertently loading malicious JavaScript whi…
-
## Summary
Because there are no attribute filters in the `abbr` and `sup` tags, an attacker can trigger XSS on websites which are using editor.md.
## CVE
[CVE-2019-14653](http://cve.mitre.org/cgi…
-
# Summary
> 123Solar is a lightweight set of PHP/JS files that makes a web logger to monitor your photovoltaic inverter(s). It just needs a web server and PHP, no databases are even needed. The philos…
-
**Tell us about your environment**
Any web browser
* **Browser and Browser Version:**
Any
* **After Effects Version:**
Any
**What did you do? Please explain the steps you took before y…
-
Hi, there is an XSS vulnerability in `websoccer/admin/forgot-password.php`. At line 129, the `$_POST['inputEmail']` is inserted into the value attribute of `` tag and is escaped by `escapeOutput`, whic…