15 matches found
PT-2026-7821
CVE-2026-25974 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2026-25974 Published : 2026年2月10日 05:16 | 1 小时,59 分钟 ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2021-25974
In Publify, versions v8.0 to v9.2.4 are vulnerable to stored XSS. A user with a “publisher” role is able to inject and execute arbitrary JavaScript code while creating a page/article...
OpenOLAT 18.1.5 Cross Site Scripting / Privilege Escalation Vulnerabilities
OpenOLAT versions 18.1.4 and below and versions 18.1.5 and below suffer from multiple persistent cross site scripting vulnerabilities. ======================================================================= title: Multiple Stored Cross-Site Scripting Vulnerabilities product: OpenOLAT Frentix GmbH...
CVE-2024-25974
creationtimestamp| type| source ---|---|--- 2024-02-20 09:31:46+00:00| seen| https://t.me/ctinow/188250 2024-02-21 07:46:41+00:00| seen| https://t.me/arpsyndicate/3743...
CVE-2024-25974
The Frentix GmbH OpenOlat LMS is affected by stored a Cross-Site Scripting XSS vulnerability. It is possible to upload files within the Media Center of OpenOlat version 18.1.5 or lower as an authenticated user without any other rights. Although the filetypes are limited, an SVG image containing a...
CVE-2024-25974 Stored Cross-Site Scripting (XSS) within the Media Center
The Frentix GmbH OpenOlat LMS is affected by stored a Cross-Site Scripting XSS vulnerability. It is possible to upload files within the Media Center of OpenOlat version 18.1.5 or lower as an authenticated user without any other rights. Although the filetypes are limited, an SVG image containing a...
CVE-2023-25974
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in psicosi448 wp2syslog plugin = 1.0.5 versions...
CVE-2023-25974
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in psicosi448 wp2syslog plugin = 1.0.5 versions...
CVE-2023-25974
CVE-2023-25974 affects the WordPress wp2syslog plugin (versions
WordPress wp2syslog Plugin <= 1.0.5 is vulnerable to Cross Site Scripting (XSS)
Software wp2syslog Type Plugin Vulnerable versions = 1.0.5 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-25974 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 3e4ffc697cd7 Credits Prasanna V Balaji Required...
CVE-2021-25974
creationtimestamp| type| source ---|---|--- 2021-11-10 14:36:22+00:00| seen| https://t.me/cibsecurity/32148...
CVE-2021-25974 Publify - Stored Cross-Site Scripting (XSS) in Editor
In Publify, versions v8.0 to v9.2.4 are vulnerable to stored XSS. A user with a “publisher” role is able to inject and execute arbitrary JavaScript code while creating a page/article...
CVE-2021-25974
CVE-2021-25974 affects Publify versions 8.0–9.2.4 and involves stored XSS in page/article creation (and, per related notes, via unrestricted file upload). A user with a publisher role can inject/execute arbitrary JavaScript; no remediation details are provided in the supplied documents. Monitor f...
CVE-2026-25974
...
CVE-2026-25974
CVE-2026-25974 entry is rejected/not used and does not represent an active vulnerability.