Filtered by vendor Valine.js
Subscriptions
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-19289 | 1 Valine.js | 1 Valine | 2024-08-05 | 6.1 Medium |
| An issue was discovered in Valine v1.3.3. It allows HTML injection, which can be exploited for JavaScript execution via an EMBED element in conjunction with a .pdf file. | ||||
| CVE-2020-28847 | 1 Valine.js | 1 Valine | 2024-08-04 | 5.4 Medium |
| Cross Site Scripting (XSS) vulnerability in xCss Valine v1.4.14 via the nick parameter to /classes/Comment. | ||||
| CVE-2021-34801 | 1 Valine.js | 1 Valine | 2024-08-04 | 5.3 Medium |
| Valine 1.4.14 allows remote attackers to cause a denial of service (application outage) by supplying a ua (aka User-Agent) value that only specifies the product and version. | ||||
| CVE-2022-38545 | 1 Valine.js | 1 Valine | 2024-08-03 | 9.6 Critical |
| Valine v1.4.18 was discovered to contain a remote code execution (RCE) vulnerability which allows attackers to execute arbitrary code via a crafted POST request. | ||||
Page 1 of 1.