22 matches found
CVE-2026-31908
Apache APISIX (forward-auth plugin) is affected by a header injection vulnerability (CVE-2026-31908) tracked across multiple feeds. Affects versions 2.12.0 through 3.15.0; exploitation arises from improper sanitization of CRLF sequences in the forward-auth plugin, enabling injection of HTTP heade...
CVE-2026-31908
creationtimestamp| type| source ---|---|--- 2026-04-14 03:10:44+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mjgfsy5dui2c 2026-04-14 11:38:17+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjhc6k3jmx2o 2026-04-16 15:19:33+00:00| seen|...
CVE-2021-31908
In JetBrains TeamCity before 2020.2.3, stored XSS was possible on several pages...
CVE-2022-31908
Student Registration and Fee Payment System v1.0 is vulnerable to SQL Injection via /scms/student.php...
CVE-2025-31908
Cross-Site Request Forgery CSRF vulnerability in Sami Ahmed Siddiqui JSON Structuring Markup json-structuring-markup allows Stored XSS.This issue affects JSON Structuring Markup: from n/a through = 0.1...
CVE-2025-31908
creationtimestamp| type| source ---|---|--- 2025-04-01 16:32:18+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/9937...
WordPress JSON Structuring Markup plugin <= 0.1 - CSRF to Stored XSS vulnerability
CSRF to Stored XSS vulnerability discovered by Abdi Pranata in WordPress Plugin JSON Structuring Markup versions = 0.1...
CVE-2025-31908
Cross-Site Request Forgery CSRF vulnerability in Sami Ahmed Siddiqui JSON Structuring Markup json-structuring-markup allows Stored XSS.This issue affects JSON Structuring Markup: from n/a through = 0.1...
CVE-2025-31908
CVE-2025-31908 is a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin JSON Structuring Markup that can lead to Stored XSS. The description lists the affected range as JSON Structuring Markup: from n/a through 0.1, indicating publicly released versions up to 0.1 may be impact...
CVE-2025-31908 WordPress JSON Structuring Markup plugin <= 0.1 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in Sami Ahmed Siddiqui JSON Structuring Markup allows Stored XSS. This issue affects JSON Structuring Markup: from n/a through 0.1...
CVE-2024-31908
IBM Planning Analytics Local 2.0 and 2.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...
CVE-2024-31908
IBM Planning Analytics Local 2.0 and 2.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...
CVE-2023-31908
Jerryscript 3.0 commit 05dbbd1 was discovered to contain a heap-buffer-overflow via the component ecmabuiltintypedarrayprototypesort...
UBUNTU-CVE-2023-31908
Jerryscript 3.0 commit 05dbbd1 was discovered to contain a heap-buffer-overflow via the component ecmabuiltintypedarrayprototypesort...
CVE-2023-31908
Jerryscript 3.0 commit 05dbbd1 was discovered to contain a heap-buffer-overflow via the component ecmabuiltintypedarrayprototypesort...
CVE-2023-31908
CVE-2023-31908 affects JerryScript 3.0 (commit 05dbbd1) and involves a heap-buffer-overflow in ecma_builtin_typedarray_prototype_sort. The vulnerability is categorized as HIGH severity (CVSS 3.1: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). Impact is primarily confidentiality, integrity, and availabilit...
CVE-2023-31908
Jerryscript 3.0 commit 05dbbd1 was discovered to contain a heap-buffer-overflow via the component ecmabuiltintypedarrayprototypesort...
CVE-2022-31908
creationtimestamp| type| source ---|---|--- 2022-06-16 18:26:34+00:00| seen| https://t.me/cibsecurity/44630...
CVE-2022-31908
Student Registration and Fee Payment System v1.0 is vulnerable to SQL Injection via /scms/student.php...
CVE-2022-31908
CVE-2022-31908 affects the Student Registration and Fee Payment System v1.0. The vulnerability is a SQL Injection via the login/registration endpoint at /scms/student.php, caused by missing input data filtering/escaping. This allows an attacker to inject SQL commands and potentially access/modify...