11 matches found
CVE-2023-26040
Discourse is an open-source discussion platform. Between versions 3.1.0.beta2 and 3.1.0.beta3 of the tests-passed branch, editing or responding to a chat message containing malicious content could lead to a cross-site scripting attack. This issue is patched in version 3.1.0.beta3 of the...
CVE-2024-26040
| creationtimestamp | type | source |
|---|---|---|
| 2024-03-18 19:27:21+00:00 | seen | https://t.me/ctinow/210878... |
CVE-2024-26040
CVE-2024-26040 affects Adobe Experience Manager 6.5.19 and earlier with a stored XSS in vulnerable form fields. Exploitation requires user interaction; malicious JavaScript can run in the victim’s browser when loading a page containing the affected field. A related advisory (APSB24-05) and Nessus...
CVE-2023-26040
Discourse (open-source discussion platform) is vulnerable in the tests-passed branch between versions 3.1.0.beta2 and 3.1.0.beta3, where editing or replying to a chat message containing malicious content could lead to cross-site scripting (XSS). The issue is patched in version 3.1.0.beta3 of the tes...
CVE-2023-26040 Discourse chat messages susceptible to Cross-site Scripting through chat excerpts
Discourse is an open-source discussion platform. Between versions 3.1.0.beta2 and 3.1.0.beta3 of the tests-passed branch, editing or responding to a chat message containing malicious content could lead to a cross-site scripting attack. This issue is patched in version 3.1.0.beta3 of the...
CVE-2023-26040 Discourse chat messages susceptible to Cross-site Scripting through chat excerpts
Discourse is an open-source discussion platform. Between versions 3.1.0.beta2 and 3.1.0.beta3 of the tests-passed branch, editing or responding to a chat message containing malicious content could lead to a cross-site scripting attack. This issue is patched in version 3.1.0.beta3 of the...
CVE-2021-26040
| creationtimestamp | type | source |
|---|---|---|
| 2021-08-24 18:23:24+00:00 | seen | https://t.me/cibsecurity/27772... |
CVE-2021-26040 [20210801] - Core - Insufficient access control for com_media deletion endpoint
An issue was discovered in Joomla! 4.0.0. The media manager does not correctly check the user's permissions before executing a file deletion command...
CVE-2021-26040
Joomla! 4.0.0 (and 4.0.x prior to 4.0.1) is affected by an insufficient access control in the com_media deletion endpoint. The media manager does not properly verify user permissions before executing a file deletion command, enabling an unauthenticated, remote attacker to delete arbitrary files o...
CVE-2026-26040
CVE-2026-26040 is rejected/not used and does not represent an active vulnerability entry.
CVE-2026-26040
...