Lucene search
K

16 matches found

Circl
Circl
added 5 days ago7 views

CVE-2026-43717

creationtimestamp| type| source ---|---|--- 2026-07-01 02:49:59+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0818 2026-07-01 16:01:00+00:00| seen| https://www.thezdi.com/blog/2026/6/30/the-june-2026-apple-security-update-review 2026-07-02 01:00:44+00:00| seen|...

6.5CVSS5.9AI score0.00189EPSS
Exploits0References3
Circl
Circl
added 2025/09/16 11:16 p.m.6 views

CVE-2024-43717

creationtimestamp| type| source ---|---|--- 2025-09-16 23:16:38+00:00| seen| MISP/be792712-f638-4d7d-b62d-4f5032e86764 2025-09-18 16:44:34+00:00| seen| MISP/be792712-f638-4d7d-b62d-4f5032e86764...

4.3CVSS4.2AI score0.00621EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 12:57 a.m.6 views

CVE-2022-43717

Dashboard rendering does not sufficiently sanitize the content of markdown components leading to possible XSS attack vectors that can be performed by authenticated users with create dashboard permissions. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0...

5.4CVSS5.8AI score0.0124EPSS
Exploits0References1
NVD
NVD
added 2025/04/17 3:15 a.m.25 views

CVE-2025-43717

In PEAR HTTPRequest2 before 2.7.0, multiple files in the tests directory, notably tests/network/getparameters.php and tests/network/postparameters.php, reflect any GET or POST parameters, leading to XSS...

5.4CVSS0.00277EPSS
Exploits0References4
OSV
OSV
added 2025/04/17 3:15 a.m.5 views

CVE-2025-43717

In PEAR HTTPRequest2 before 2.7.0, multiple files in the tests directory, notably tests/network/getparameters.php and tests/network/postparameters.php, reflect any GET or POST parameters, leading to XSS...

5.4CVSS6.8AI score
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/04/17 12:0 a.m.3 views

CVE-2025-43717

In PEAR HTTPRequest2 before 2.7.0, multiple files in the tests directory, notably tests/network/getparameters.php and tests/network/postparameters.php, reflect any GET or POST parameters, leading to XSS...

5.4CVSS5.5AI score0.00277EPSS
Exploits0References4
CVE
CVE
added 2025/04/17 12:0 a.m.72 views

CVE-2025-43717

PEAR HTTP_Request2 is vulnerable prior to version 2.7.0. The issue arises because multiple files in the tests directory, notably tests/_network/getparameters.php and tests/_network/postparameters.php, reflect any GET or POST parameters, leading to Cross-Site Scripting (XSS). The root cause is inp...

5.4CVSS5.8AI score0.00277EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/04/17 12:0 a.m.14 views

CVE-2025-43717

In PEAR HTTPRequest2 before 2.7.0, multiple files in the tests directory, notably tests/network/getparameters.php and tests/network/postparameters.php, reflect any GET or POST parameters, leading to XSS...

5.4CVSS0.00277EPSS
Exploits0References4
Circl
Circl
added 2025/04/04 2:36 p.m.6 views

CVE-2022-43717

creationtimestamp| type| source ---|---|--- 2025-04-04 14:36:09+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/10461...

5.4CVSS5.4AI score0.0124EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/10 10:5 p.m.23 views

CVE-2024-43717 Adobe Experience Manager | Improper Access Control (CWE-284)

Adobe Experience Manager versions 6.5.21 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on confidentiality...

4.3CVSS0.00621EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/10 10:5 p.m.12 views

CVE-2024-43717 Adobe Experience Manager | Improper Access Control (CWE-284)

Adobe Experience Manager versions 6.5.21 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on confidentiality...

4.3CVSS6.4AI score0.00621EPSS
Exploits0References1
Circl
Circl
added 2023/10/01 2:39 a.m.6 views

CVE-2023-43717

creationtimestamp| type| source ---|---|--- 2023-10-01 02:39:07+00:00| seen| https://t.me/cibsecurity/71369...

5.4CVSS5.5AI score0.00431EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/09/30 9:4 p.m.19 views

CVE-2023-43717 Os Commerce 4.12.56860 - Cross Site Scripting Reflected (XSS)

Os Commerce is currently susceptible to a Cross-Site Scripting XSS vulnerability. This vulnerability allows attackers to inject JS through the "MSEARCHHIGHLIGHTENABLETITLE1" parameter, potentially leading to unauthorized execution of scripts within a user's web browser...

5.4CVSS5.5AI score0.00431EPSS
Exploits1References2
CVE
CVE
added 2023/09/30 9:4 p.m.40 views

CVE-2023-43717

OsCommerce (4.x era) has a Cross-Site Scripting (XSS) vulnerability in the MSEARCH_HIGHLIGHT_ENABLE_TITLE[1] parameter, allowing injected JavaScript to run in a user’s browser. Sources across NVD/NVD mirror entries describe the flaw but do not specify a fixed patch/version. The provided documents...

5.4CVSS5.3AI score0.00431EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2023/01/16 10:8 a.m.77 views

CVE-2022-43717

CVE-2022-43717 affects Apache Superset: dashboard rendering does not sufficiently sanitize Markdown content, enabling possible XSS by authenticated users with create dashboard permissions. Documented impact covers Superset versions 1.5.2 and earlier, and 2.0.0 (per CVE sources and related advisor...

5.4CVSS5.1AI score0.0124EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/01/16 10:8 a.m.28 views

CVE-2022-43717 Apache Superset: Cross-Site Scripting on dashboards

Dashboard rendering does not sufficiently sanitize the content of markdown components leading to possible XSS attack vectors that can be performed by authenticated users with create dashboard permissions. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0...

5.3AI score0.0124EPSS
Exploits0References1
Rows per page
Query Builder