Lucene search

8 matches found

GitHub Security Blog
added 2024/08/23 9:30 p.m. · 20 views

Automad Cross-site Scripting vulnerability

A persistent stored cross-site scripting (XSS) vulnerability has been identified in Automad 2.0.0-alpha.4. This vulnerability enables an attacker to inject malicious JavaScript code into the template body. The injected code is stored within the flat file CMS and is executed in the browser of any us...

4.8 CVSS · 5.5 AI score · 0.04611 EPSS
Exploits 2 · References 4 · Affected Software 1
Cvelist
added 2024/08/23 12:0 a.m. · 15 views

CVE-2024-40111

A persistent stored cross-site scripting (XSS) vulnerability has been identified in Automad 2.0.0-alpha.4. This vulnerability enables an attacker to inject malicious JavaScript code into the template body. The injected code is stored within the flat file CMS and is executed in the browser of any us...

0.04611 EPSS
Exploits 2 · References 2
CVE
added 2024/08/23 12:0 a.m. · 65 views

CVE-2024-40111

CVE-2024-40111 describes a stored XSS in Automad 2.0.0-alpha.4. The vulnerability lets an attacker inject JavaScript into the template body which is saved by the flat-file CMS and executed in the browser of any user visiting the page (e.g., forum). Practical impact stated across sources includes ...

4.8 CVSS · 5.3 AI score · 0.04611 EPSS
Exploits 2 · References 2 · Affected Software 1
Exploit DB
added 2024/06/26 12:0 a.m. · 335 views

Automad 2.0.0-alpha.4 - Stored Cross-Site Scripting (XSS)

Exploit Title: Automad 2.0.0-alpha.4 - Stored Cross-Site Scripting (XSS); Date: 20-06-2024; Exploit Author: Jerry Thomas w3bn00b3r; Vendor Homepage: https://automad.org; Software Link: https://github.com/marcantondahmen/automad; Category: Web Application Flat File CMS; Version: 2.0.0-alpha.4; Tested on:...

7.4 AI score
Exploits 0
0day.today
added 2024/06/26 12:0 a.m. · 257 views

Automad 2.0.0-alpha.4 - Stored Cross-Site Scripting Vulnerability

Exploit Title: Automad 2.0.0-alpha.4 - Stored Cross-Site Scripting (XSS); Exploit Author: Jerry Thomas w3bn00b3r; Vendor Homepage: https://automad.org; Software Link: https://github.com/marcantondahmen/automad; Category: Web Application Flat File CMS; Version: 2.0.0-alpha.4; Tested on: Docker version...

7.4 AI score
Exploits 0
Positive Technologies
added 2024/01/12 12:0 a.m. · 1 views

PT-2024-1139 · Apache +2 · Apache Shiro +2

Name of the Vulnerable Software and Affected Versions: Apache Shiro versions 1.13.0 and earlier, or 2.0.0-alpha-4 and earlier. Description: The issue is related to a path traversal attack that can result in an authentication bypass when used together with path rewriting. This can allow a remote...

9.8 CVSS · 8 AI score · 0.13506 EPSS
Exploits 1 · References 27
OSV
added 2023/12/14 9:15 a.m. · 0 views

UBUNTU-CVE-2023-46750

URL Redirection to Untrusted Site 'Open Redirect' vulnerability when "form" authentication is used in Apache Shiro. Mitigation: Update to Apache Shiro 1.13.0+ or 2.0.0-alpha-4+...

6.1 CVSS · 7.1 AI score · 0.00201 EPSS
Exploits 0 · References 4
Positive Technologies
added 2023/12/13 12:0 a.m. · 3 views

PT-2023-30183 · Apache +3 · Apache Shiro +3

Name of the Vulnerable Software and Affected Versions: Apache Shiro versions prior to 1.13.0; Apache Shiro versions 2.0.0-alpha-1 through 2.0.0-alpha-3. Description: The issue is related to a URL Redirection to Untrusted Site 'Open Redirect' vulnerability when "form" authentication is used in Apach...

9.8 CVSS · 7.9 AI score · 0.13506 EPSS
Exploits 1 · References 31