26 matches found
CVE-2026-23597
creationtimestamp| type| source
---|---|---
2026-02-11 13:55:22+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3melmwllbwu2m
2026-02-14 16:33:58+00:00| seen| https://bsky.app/profile/blackhatnews.tokyo/post/3meth6wmixu2p...
CVE-2025-23597
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sabareesha Rio Photo Gallery rio-photo-gallery allows Reflected XSS. This issue affects Rio Photo Gallery: from n/a through <= 0.1...
CVE-2024-23597
Cross-site request forgery (CSRF) vulnerability exists in TvRock 0.9t8a. If a logged-in user of TVRock accesses a specially crafted page, unintended operations may be performed. Note that the developer was unreachable, therefore, users should consider stopping use of TvRock 0.9t8a...
CVE-2025-23597
creationtimestamp| type| source
---|---|---
2025-01-22 15:19:06+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgdo3u7j6n2e
2025-01-22 20:02:02+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/2636...
CVE-2025-23597
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sabareesha Rio Photo Gallery rio-photo-gallery allows Reflected XSS. This issue affects Rio Photo Gallery: from n/a through <= 0.1...
CVE-2025-23597 WordPress Rio Photo Gallery plugin <= 0.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sabareesha Rio Photo Gallery rio-photo-gallery allows Reflected XSS. This issue affects Rio Photo Gallery: from n/a through <= 0.1...
CVE-2025-23597 WordPress Rio Photo Gallery plugin <= 0.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Riosis Private Limited Rio Photo Gallery allows Reflected XSS. This issue affects Rio Photo Gallery: from n/a through 0.1...
CVE-2025-23597
CVE-2025-23597 is a reflected Cross-Site Scripting vulnerability in Rio Photo Gallery (WordPress plugin). The issue arises from improper neutralization of input during web page generation, enabling an attacker to inject script via a reflected payload. The CVSS v3.1 base score is 7.1 (High) with N...
CVE-2024-23597
Cross-site request forgery (CSRF) vulnerability exists in TvRock 0.9t8a. If a logged-in user of TVRock accesses a specially crafted page, unintended operations may be performed. Note that the developer was unreachable, therefore, users should consider stopping use of TvRock 0.9t8a...
CVE-2024-23597
CVE-2024-23597 describes a cross-site request forgery (CSRF) in TvRock 0.9t8a. When a logged‑in user visits a crafted page, unintended operations may be performed. The issue is attributed to TvRock’s lack of reachable mitigation, prompting multiple sources to recommend stopping use of version 0.9...
CVE-2024-23597
Cross-site request forgery (CSRF) vulnerability exists in TvRock 0.9t8a. If a logged-in user of TVRock accesses a specially crafted page, unintended operations may be performed. Note that the developer was unreachable, therefore, users should consider stopping use of TvRock 0.9t8a...
CVE-2023-23597
Summary: CVE-2023-23597 affects Mozilla Firefox and concerns a compromised web child process that could bypass web security opening restrictions, allowing a new child process to spawn in the file:// context and potentially read arbitrary files. The issue is described as a vulnerability in Firefox...
CVE-2023-23597 Logic bug in process allocation allowed to read arbitrary files
A compromised web child process could disable web security opening restrictions, leading to a new child process being spawned within the file:// context. Given a reliable exploit primitive, this new process could be exploited again leading to arbitrary file read. This vulnerability affects Firefo...
Ubuntu: Security Advisory (USN-5816-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-5816-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mozilla Firefox Security Advisory (MFSA2023-01) - Linux
The remote host is missing an update for Mozilla Firefox, announced via the advisory MFSA2023-01...
UBUNTU-CVE-2023-23597
A compromised web child process could disable web security opening restrictions, leading to a new child process being spawned within the file:// context. Given a reliable exploit primitive, this new process could be exploited again leading to arbitrary file read. This vulnerability affects Firefo...
@adminjs/fastify (>=1.0.0 <=2.0.0), @autotelic/apollo-server-fastify (>=4.0.0 <=4.1.1) +46 more potentially affected by CVE-2021-23597 via fastify-multipart (>=0.2.0 <=5.3.0)
fastify-multipart NPM version =0.2.0, =1.0.0, =4.0.0, =0.0.1, =1.0.0, =1.0.2, =1.1.7, =1.1.7, =0.0.1, =0.0.1-rc2, =0.0.3, =0.0.5, =0.0.0, =0.0.1, =1.0.0, =1.0.1 and more Source cves: CVE-2021-23597 Source advisory: OSV:GHSA-QH73-QC3P-RJV2...
CVE-2021-23597
This affects the package fastify-multipart before 5.3.1. By providing a name=constructor property it is still possible to crash the application. Note: This is a bypass of CVE-2020-8136 https://security.snyk.io/vuln/SNYK-JS-FASTIFYMULTIPART-1290382...
CVE-2021-23597 Denial of Service (DoS)
This affects the package fastify-multipart before 5.3.1. By providing a name=constructor property it is still possible to crash the application. Note: This is a bypass of CVE-2020-8136 https://security.snyk.io/vuln/SNYK-JS-FASTIFYMULTIPART-1290382...