Summary
StarCitizenWiki Extension Embed Video: Stored XSS via unsanitized class passed to template
References
Related vulnerabilities
All Supply chain →- HIGHGHSA-5C7P-G73Q-RPG5
StarCitizenWiki Extension Embed Video: Stored XSS via malformed src url with $wgEmbedVideoRequireConsent enabled
- HIGHGHSA-C29Q-5XM7-5P62
StarCitizenWiki Extension Embed Video: Stored XSS via unsanitized service name in exception text
- HIGHGHSA-X975-RGX4-5FH4
appium-mcp: Unescaped Locator Data XSS in MCP-UI Resource (createLocatorGeneratorUI)
- HIGHGHSA-6VXV-WG6J-5QWP
Gogs: XSS in .ipynb files renderer due to outdated notebookjs
- LOWGHSA-H5JC-78HR-3PC9
Sveltia CMS: Stored XSS in Markdown/RichText preview via unsandboxed same-origin iframe
- MEDIUMGHSA-6V8J-33HC-MV84
symfony/ux-icons: XSS via unsanitized SVG content in local files and Iconify on-demand responses