Summary
TinaCMS: Cross-origin postMessage handlers and rich-text URL-sanitization bypass enable stored XSS and session takeover
References
Related vulnerabilities
- HIGH GHSA-869J-R97X-HX2G: Anki's local HTTP server does not sufficiently validate requests
- HIGH GHSA-F4XH-W4CJ-QXQ8: LangSmith SDK TracingMiddleware: Arbitrary server-side file read
- HIGH GHSA-X975-RGX4-5FH4: appium-mcp: Unescaped Locator Data XSS in MCP-UI Resource (createLocatorGeneratorUI)
- HIGH GHSA-V3F4-W7R7-V3HM: Uni-CLI: Legacy HTTP MCP transport accepted browser-originated localhost requests
- LOW GHSA-H5JC-78HR-3PC9: Sveltia CMS: Stored XSS in Markdown/RichText preview via unsandboxed same-origin iframe
- MEDIUM GHSA-6V8J-33HC-MV84: symfony/ux-icons: XSS via unsanitized SVG content in local files and Iconify on-demand responses