Количество 2
Количество 2
CVE-2025-50183
OpenList Frontend is a UI component for OpenList. Prior to version 4.0.0-rc.4, a vulnerability exists in the file preview/browsing feature of the application, where files with a .py extension that contain JavaScript code wrapped in <script> tags may be interpreted and executed as HTML in certain modes. This leads to a stored XSS vulnerability. This issue has been patched in version 4.0.0-rc.4.
GHSA-2hw3-h8qx-hqqp
OpenList (frontend) allows XSS Attacks in the built-in Markdown Viewer
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-50183 OpenList Frontend is a UI component for OpenList. Prior to version 4.0.0-rc.4, a vulnerability exists in the file preview/browsing feature of the application, where files with a .py extension that contain JavaScript code wrapped in <script> tags may be interpreted and executed as HTML in certain modes. This leads to a stored XSS vulnerability. This issue has been patched in version 4.0.0-rc.4. | CVSS3: 6.5 | 0% Низкий | 3 месяца назад |
| GHSA-2hw3-h8qx-hqqp OpenList (frontend) allows XSS Attacks in the built-in Markdown Viewer | CVSS3: 6.5 | 0% Низкий | 3 месяца назад |
Уязвимостей на страницу