Versions 1.2.12 and prior are vulnerable to copy-paste cross-site scripting (XSS). Version 3.8.7ĬVE-2021-32856 - Microweber is a drag and drop website builder and content management system. For this particular type of XSS, the victim needs to be fooled into copying a malicious payload into the text editor.
Versions prior to 3.8.7 are vulnerable to copy-paste cross-site scripting (XSS). There areĬVE-2021-32855 - Vditor is a browser-side Markdown editor.
Version 1.5.16 and prior are vulnerable to copy-paste cross-site scripting (XSS). Upgrading to version marla iĬVE-2020-36656 - The Spectra WordPress plugin before 1.15.0 does not sanitize user input as it reaches its style HTML attribute, allowing contributors to conduct stored XSS attacks via the plugin's Gutenberg blocks.ĬVE-2021-32854 - textAngular is a text editor for Angular.js. Affected by this issue is the function _prepareWhere of the file Controller/Rest/BaseController.php. ThiĬVE-2015-10084 - A vulnerability was found in irontec klear-library chloe and classified as critical. The manipulation leads to improper authentication. Affected by this vulnerability is the function basic_auth of the file app/controllers/application_controller.rb. The name of the patcĬVE-2015-10083 - A vulnerability has been found in harrystech Dynosaur-Rails and classified as critical. The manipulation leads to xml external entity reference. This affects the function plist_from_xml of the file src/xplist.c of the component XML Handler.
The manipulation of the argument body leads to cross site sĬVE-2015-10082 - A vulnerability classified as problematic has been found in UIKit0 libplist 1.12. Affected by this vulnerability is the function _formatBody of the file lib/InternalChatProtocol.fe.
CVE-2014-125089 - A vulnerability was found in cention-chatserver 3.8.0-rc1.
0 kommentar(er)
