CVE-2019-7250
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2019-7250
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
An issue was discovered in the Cross Reference Add-on 36 for Google Docs. Stored XSS in the preview boxes in the configuration panel may allow a malicious user to use both label text and references text to inject arbitrary JavaScript code (via SCRIPT elements, event handlers, etc.). Since this code is stored by the plugin, the attacker may be able to target anyone who opens the configuration panel of the plugin.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Cross Reference Add-on 36 for Google Docs 跨站脚本漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Cross Reference Add-on 36 for Google Docs是一个开源的使用在GoogleDocs中的附加组件。该产品可自动对图形和更新等元素进行编号,并对文本内容进行格式化引用。 Cross Reference Add-on for Google Docs 36版本中的配置面板的预览框存在跨站脚本漏洞。远程攻击者可借助标签和参考文本框利用该漏洞注入任意的JavaScript代码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2019-7250
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2019-7250
Please Login to view more intelligence information
- https://github.com/davidrthorn/cross_reference/issues/32x_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2019-7250
Same Patch Batch · n/a · 2019-01-31 · 22 CVEs total
| CVE-2018-19042 | WordPress Media File Manager插件路径遍历漏洞 | |
| CVE-2019-6111 | OpenSSH 路径遍历漏洞 | |
| CVE-2019-6110 | OpenSSH 访问控制错误漏洞 | |
| CVE-2019-6109 | OpenSSH 访问控制错误漏洞 | |
| CVE-2019-7249 | Keybase 权限许可和访问控制问题漏洞 | |
| CVE-2019-7216 | FileChucker 输入验证错误漏洞 | |
| CVE-2019-6438 | SchedMD Slurm 权限许可和访问控制问题漏洞 | |
| CVE-2017-18360 | Linux kernel 数字错误漏洞 | |
| CVE-2019-7283 | NetKit 输入验证错误漏洞 | |
| CVE-2019-7282 | NetKit 权限许可和访问控制问题漏洞 | |
| CVE-2018-19043 | WordPress Media File Manager 安全漏洞 | |
| CVE-2019-7297 | D-Link DIR-823G 操作系统命令注入漏洞 | |
| CVE-2018-19041 | WordPress Media File Manager插件跨站脚本漏洞 | |
| CVE-2018-19040 | WordPress Media File Manager插件安全漏洞 | |
| CVE-2018-18941 | Vignette Content Management 信任管理问题漏洞 | |
| CVE-2018-18940 | Netscape Enterprise 跨站脚本漏洞 | |
| CVE-2018-15515 | D-Link Central WiFiManager CWM-100 权限许可和访问控制问题漏洞 | |
| CVE-2018-15516 | D-Link Central WiFiManager CWM-100 代码问题漏洞 | |
| CVE-2018-15517 | D-Link Central WiFiManager CWM-100 代码问题漏洞 | |
| CVE-2019-7296 | typora 跨站脚本漏洞 |
Showing top 20 of 22 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8251
Open5GS SMF npcf-handler.c update_authorized_pcc_rule_and_qo - CVE-2026-8250
Open5GS SMF n4-build.c smf_n4_build_qos_flow_to_modify_list - CVE-2026-8249
Open5GS SMF npcf-handler.c update_authorized_pcc_rule_and_qo - CVE-2026-8248
Open5GS SMF npcf-handler.c update_authorized_pcc_rule_and_qo - CVE-2026-8226
Open5GS types.c ogs_pcc_rule_install_flow_from_media denial
V. Comments for CVE-2019-7250
No comments yet