CVE-2018-17537 - Stored XSS in GitLab via package.json – How It Worked and Why It Mattered
GitLab is one of the world’s most popular platforms for hosting Git repositories and supporting DevOps workflows. But even powerful and trusted tools are
CVE-2018-17536 - How a Stored XSS on GitLab Merge Requests Was Possible via Project Import (With Exploit Details)
In 2018, a serious security issue—CVE-2018-17536—was discovered in GitLab, one of the world’s most widely used code collaboration platforms. This vulnerability affected
CVE-2015-10101 - Cross-Site Scripting in Google Analytics Top Content Widget Plugin (WordPress <= 1.5.6)
In early 2015, a weakness was discovered in the popular Google Analytics Top Content Widget WordPress plugin, up to version 1.5.6. Tracked as
CVE-2023-29202 - Critical XSS in XWiki Commons RSS Macro—How It Works, Exploit, and Fixes
A critical security vulnerability—CVE-2023-29202—was discovered in XWiki Commons, affecting the bundled RSS macro. Attackers could inject malicious HTML and JavaScript content through crafted
CVE-2023-29201 - Critical XSS in XWiki Commons "Restricted" HTML Cleaner – Exploit Details and Mitigation
In June 2023, a severe security vulnerability was discovered in XWiki Commons, which are shared technical libraries used by various XWiki projects. This vulnerability, tracked