CVE-2026-26281 InvoicePlane has Stored Cross-Site Scripting (XSS) Issue in Sumex Invoice View

InvoicePlane is a self-hosted open source application for managing invoices, clients, and payments. A stored cross-site scripting XSS vulnerability in the Sumex invoice view allows an authenticated user with client and invoice management privileges to execute arbitrary JavaScript in the browser o...

CVE-2026-26281 InvoicePlane has Stored Cross-Site Scripting (XSS) Issue in Sumex Invoice View

InvoicePlane is a self-hosted open source application for managing invoices, clients, and payments. A stored cross-site scripting XSS vulnerability in the Sumex invoice view allows an authenticated user with client and invoice management privileges to execute arbitrary JavaScript in the browser o...

CVE-2022-26281

BigAnt Server v5.6.06 was discovered to contain an incorrect access control issue...

CVE-2024-26281

Upon scanning a JavaScript URI with the QR code scanner, an attacker could have executed unauthorized scripts on the current top origin sites in the URL bar. This vulnerability affects Firefox for iOS 123...

CVE-2021-26281

Some parameters of the alarm clock module are improperly stored, leaking some sensitive information...

CVE-2021-26281

Some parameters of the alarm clock module are improperly stored, leaking some sensitive information...

CVE-2021-26281

creationtimestamp| type| source ---|---|--- 2024-12-17 06:46:08+00:00| seen| https://infosec.exchange/users/cve/statuses/113666815966073194 2024-12-17 09:15:28+00:00| seen| https://t.me/cvedetector/13073...

CVE-2021-26281

The CVE-2021-26281 entry relates to the vivo Alarm clock module, where some parameters are improperly stored, leaking sensitive information. The available documents identify the affected component as the alarm clock module and describe the root cause as improper storage of certain parameters, res...

CVE-2021-26281 Information disclosure vulnerability in Alarm clock module

Some parameters of the alarm clock module are improperly stored, leaking some sensitive information...

CVE-2021-26281 Information disclosure vulnerability in Alarm clock module

Some parameters of the alarm clock module are improperly stored, leaking some sensitive information...

CVE-2024-26281

creationtimestamp| type| source ---|---|--- 2024-02-22 16:26:14+00:00| seen| https://t.me/ctinow/190883 2024-02-22 16:32:07+00:00| seen| https://t.me/ctinow/190898...

CVE-2024-26281

Upon scanning a JavaScript URI with the QR code scanner, an attacker could have executed unauthorized scripts on the current top origin sites in the URL bar. This vulnerability affects Firefox for iOS 123...

CVE-2024-26281

Upon scanning a JavaScript URI with the QR code scanner, an attacker could have executed unauthorized scripts on the current top origin sites in the URL bar. This vulnerability affects Firefox for iOS 123...

CVE-2024-26281

CVE-2024-26281 concerns Firefox for iOS. In the provided docs, scanning a JavaScript URI with the QR code scanner could allow an attacker to execute unauthorized scripts in the current top-origin, via a cross-site scripting issue. Affected product: Firefox for iOS before version 123. Root cause: ...

IBM HTTP Server 8.5.5.22 < 8.5.5.24 DoS (6958522)

The version of IBM HTTP Server running on the remote host is affected by a denial of service DoS vulnerability, which could allow an unauthenticated, remote attacker to cause a denial of service using a specially crafted URL. Note that Nessus has not tested for this issue but has instead relied...

Security Bulletin: IBM WebSphere Application Server shipped with IBM Security Access Manager for Enterprise Single Sign-On is vulnerable to a denial of service due to IBM HTTP Server (CVE-2023-26281)

Summary Security Bulletin: IBM WebSphere Application Server shipped with IBM Security Access Manager for Enterprise Single Sign-On is vulnerable to a denial of service. This is due to IBM HTTP Server, used by IBM WebSphere Application Server, which is vulnerable to a denial of service using a...

Security Bulletin: A security vulnerability has been identified in IBM HTTP Server shipped with IBM Rational ClearCase [CVE-2023-26281]

Summary IBM HTTP Server IHS is shipped as a component of IBM Rational ClearCase. Information about a security vulnerability affecting IHS has been published in a security bulletin. CVE-2023-26281 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affecte...

Security Bulletin: A security vulnerability has been identified in IBM HTTP Server shipped with IBM WebSphere Remote Server (CVE-2023-26281)

Summary IBM HTTP Server is shipped with IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM HTTP Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and...

CVE-2023-26281

CVE-2023-26281 affects IBM HTTP Server 8.5 (used with IBM WebSphere Application Server). A remote attacker can trigger a denial-of-service by sending a specially crafted URL. The issue is addressed by IBM HTTP Server fixes; advisories reference an update path for IBM HTTP Server (e.g., 8.5.5.24) ...

Security Bulletin: Denial of Service vulnerability in IBM HTTP Server used by WebSphere Application Server affects IBM Business Automation Workflow (CVE-2023-26281)

Summary WebSphere Application Server Traditional is shipped as a component of IBM Business Automation Workflow. WebSphere Application Server Liberty is shipped as part of the optional components Process Federation Server since 8.5.6, and User Management Service since 18.0.0.1 in IBM Business...