Aggregator

Submit #516089: Anmei Century (Beijing) Technology Co., Ltd. Anmei Digital Hotel Broadband Operation System v1.0 Command Execution [Accepted]

1 year ago

Submit #516089 / VDB-300718

zianA

CVE-2025-2700 | michelson Dante Editor up to 0.4.4 Insert Link cross site scripting

1 year ago

A vulnerability classified as problematic has been found in michelson Dante Editor up to 0.4.4. This affects an unknown part of the component Insert Link Handler. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-2700. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

vuldb.com

Submit #515870: https://www.npmjs.com/package/jodit jodit 4.5.17 Cross Site Scripting [Duplicate]

Vuldb Submit

1 year ago

Submit #515870 / VDB-239922

masamune

Submit #515869: https://www.npmjs.com/package/dante3 dante3 * Cross Site Scripting [Accepted]

Vuldb Submit

1 year ago

Submit #515869 / VDB-300717

masamune

CVE-2025-2699 | GetmeUK ContentTools up to 1.6.16 Image onload cross site scripting

VulDB Recent Entries

1 year ago

A vulnerability was found in GetmeUK ContentTools up to 1.6.16. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Image Handler. The manipulation of the argument onload leads to cross site scripting. This vulnerability is handled as CVE-2025-2699. The attack may be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

vuldb.com