16 matches found
CVE-2026-13352
creationtimestamp| type| source ---|---|--- 2026-07-17 06:55:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqt67iafs42k...
SUSE CVE-2025-13352
Mattermost versions 10.11.x = 10.11.6 and Mattermost GitHub plugin versions =2.4.0 fail to validate plugin bot identity in reaction forwarding which allows attackers to hijack the GitHub reaction feature to make users add reactions to arbitrary GitHub objects via crafted notification posts...
CVE-2025-13352
creationtimestamp| type| source ---|---|--- 2025-12-17 15:35:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ma6yffup6b2x...
CVE-2020-13352
Private group info is leaked leaked in GitLab CE/EE version 10.2 and above, when the project is moved from private to public group. Affected versions are: =10.2, =13.4, =13.5, 13.5.2...
CVE-2019-13352
WolfVision Cynap before 1.30j uses a static, hard-coded cryptographic secret for generating support PINs for the 'forgot password' feature. By knowing this static secret and the corresponding algorithm for calculating support PINs, an attacker can reset the ADMIN password and thus gain remote...
CVE-2024-13352
creationtimestamp| type| source ---|---|--- 2025-02-07 06:12:12+00:00| seen| https://infosec.exchange/users/cve/statuses/113961122645272686 2025-02-07 06:16:48+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhkxavpowy26 2025-02-07 07:57:37+00:00| seen|...
CVE-2024-13352 Legull <= 1.2.2 - Reflected XSS
The Legull WordPress plugin through 1.2.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-13352 Legull <= 1.2.2 - Reflected XSS
The Legull WordPress plugin through 1.2.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
GitLab 10.2 < 13.3.9 / 13.4 < 13.4.5 / 13.5 < 13.5.2 (CVE-2020-13352)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Private group info is leaked leaked in GitLab CE/EE version 10.2 and above, when the project is moved from private to public group. Affected versions are: =10.2, =13.4, =13.5, =10.2, =13.4, =13.5,...
CVE-2021-34311
A vulnerability has been identified in JT2Go All versions V13.2, Teamcenter Visualization All versions V13.2. The Monoloader.dll library in affected applications lacks proper validation of user-supplied data when parsing J2K files. This could result in an out of bounds write past the end of an...
CVE-2020-13352
creationtimestamp| type| source ---|---|--- 2020-11-17 07:38:27+00:00| seen| https://t.me/cibsecurity/16423...
CVE-2020-13352
GitLab CVE-2020-13352 affects GitLab CE/EE versions 10.2 through 13.3.8, 13.4 through 13.4.4, and 13.5 through 13.5.1, where private group information is leaked when moving a project from a private to a public group. Root cause: information leakage in group visibility handling during transfers. R...
CVE-2019-13352
creationtimestamp| type| source ---|---|--- 2019-07-05 23:00:01+00:00| seen| https://t.me/cveNotify/266...
CVE-2019-13352
CVE-2019-13352 affects WolfVision Cynap prior to version 1.30j. The vulnerability arises from a static, hard-coded cryptographic secret used to generate support PINs for the forgotten-password feature, enabling an attacker who knows the secret and the calculation method to reset the ADMIN passwor...
CVE-2018-13352
Session Exposure in the web application for TerraMaster TOS version 3.1.03 allows attackers to view active session tokens in a world-readable directory...
CVE-2018-13352
TerraMaster TOS (web app) version 3.1.03 is affected by CVE-2018-13352, enabling attackers to view active session tokens due to a session exposed in a world-readable directory. The issue is documented across multiple entries (NVD and CNVD) with a consistent description of session disclosure via i...