CVE-2025-23551

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in razvypp SexBundle sexbundle allows Reflected XSS.This issue affects SexBundle: from n/a through = 1.4...

CVE-2020-23551

IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007e30...

CVE-2025-23551

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in razvypp SexBundle sexbundle allows Reflected XSS.This issue affects SexBundle: from n/a through = 1.4...

CVE-2025-23551

creationtimestamp| type| source ---|---|--- 2025-01-21 17:59:42+00:00| seen| https://infosec.exchange/users/cve/statuses/113867645368285325 2025-01-21 18:16:22+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgbhjvcnkb2h 2025-01-21 19:01:57+00:00|...

CVE-2025-23551 WordPress SexBundle plugin <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in razvypp SexBundle sexbundle allows Reflected XSS.This issue affects SexBundle: from n/a through = 1.4...

CVE-2025-23551

CVE-2025-23551 affects WordPress SexBundle; the issue is a Reflected Cross-Site Scripting vulnerability caused by improper input neutralization during web page generation, affecting SexBundle versions up to 1.4. CVSS 3.1 base score 7.1 (HIGH) with network attack vector, user interaction required....

CVE-2025-23551 WordPress SexBundle plugin <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in P. Razvan SexBundle allows Reflected XSS. This issue affects SexBundle: from n/a through 1.4...

CVE-2022-23551 affecting package nmi for versions less than 1.8.17-1

CVE-2022-23551 affecting package nmi for versions less than 1.8.17-1. An upgraded version of the package is available that resolves this issue...

Apache Dubbo code issue vulnerability (CNVD-2023-23551)

Apache Dubbo is a lightweight Java-based RPC remote procedure call framework from the Apache Foundation in the United States. The product provides interface-based remote calling, fault tolerance and load balancing, and automatic service registration and discovery.A security vulnerability exists i...

CVE-2023-23551

creationtimestamp| type| source ---|---|--- 2023-02-13 20:30:03+00:00| seen| https://t.me/cibsecurity/58016...

CVE-2023-23551

CVE-2023-23551 affects Control By Web X-600M web-enabled industrial I/O controllers. The vulnerability arises from improper generation of code, allowing Lua-script execution that could let an attacker remotely execute arbitrary code via the network. Affected device: X-600M; root cause: code injec...

CVE-2023-23551 X-600M Code Injection

Control By Web X-600M devices run Lua scripts and are vulnerable to code injection, which could allow an attacker to remotely execute arbitrary code...

CVE-2022-23551 AAD Pod Identity obtaining token with backslash

aad-pod-identity assigns Azure Active Directory identities to Kubernetes applications and has now been deprecated as of 24 October 2022. The NMI component in AAD Pod Identity intercepts and validates token requests based on regex. In this case, a token request made with backslash in the request...

CVE-2022-23551 AAD Pod Identity obtaining token with backslash

aad-pod-identity assigns Azure Active Directory identities to Kubernetes applications and has now been deprecated as of 24 October 2022. The NMI component in AAD Pod Identity intercepts and validates token requests based on regex. In this case, a token request made with backslash in the request...

CVE-2022-23551

CVE-2022-23551 concerns AAD Pod Identity: the NMI component could bypass validation for token requests containing a backslash (example /metadata/identity\oauth2\token/), potentially enabling a pod to access identities it should not have. The bug arises from NMI’s regex-based validation and is add...

CVE-2020-23551

IrfanView 4.54 is affected by a user-mode write access violation that starts at FORMATS!GetPlugInInfo+0x0000000000007e30. The vulnerability is indicated in multiple sources (CVE-2020-23551) with a HIGH severity (CVSS 3.1: AV=L/AC=L/PR=L/UI=N/S:U/C:H/I:H/A:H) and is classified as a local exploit w...