It was discovered that Jinja2 incorrectly handled certain HTML attributes
that were accepted by the xmlattr filter. An attacker could use this issue
to inject arbitrary HTML attribute keys and values to potentially execute
a cross-site scripting (XSS) attack.
More Stories
USN-7415-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...
Kubernetes Ingress-nginx Controller RCE
What is the Vulnerability?On March 24, researchers disclosed a set of five vulnerabilities, collectively known as "IngressNightmare,” affecting Ingress-nginx, one...
perl-Compress-Raw-Lzma-2.212-6.fc41 xz-5.8.1-1.fc41.1
FEDORA-2025-051becf4f2 Packages in this update: perl-Compress-Raw-Lzma-2.212-6.fc41 xz-5.8.1-1.fc41.1 Update description: xz 5.8.1 Read More
perl-Compress-Raw-Lzma-2.209-9.fc40 xz-5.8.1-1.1.fc40
FEDORA-2025-4871b31998 Packages in this update: perl-Compress-Raw-Lzma-2.209-9.fc40 xz-5.8.1-1.1.fc40 Update description: xz 5.8.1 Read More
Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution. ...
A Vulnerability in Ivanti Products Could Allow for Remote Code Execution
A Vulnerability has been discovered in Ivanti Connect Secure, Policy Secure, and ZTA Gateways which could allow for remote code...