16 matches found
EUVD-2025-28368
Malicious code in bioql PyPI...
CVE-2025-5015
A cross-site scripting vulnerability exists in the AccuWeather and Custom RSS widget that allows an unauthenticated user to replace the RSS feed URL with a malicious one...
CVE-2025-5015
A cross-site scripting vulnerability exists in the AccuWeather and Custom RSS widget that allows an unauthenticated user to replace the RSS feed URL with a malicious one...
CVE-2025-5015 Parsons AccuWeather Widget Cross-site Scripting
A cross-site scripting vulnerability exists in the AccuWeather and Custom RSS widget that allows an unauthenticated user to replace the RSS feed URL with a malicious one...
CVE-2025-5015 Parsons AccuWeather Widget Cross-site Scripting
A cross-site scripting vulnerability exists in the AccuWeather and Custom RSS widget that allows an unauthenticated user to replace the RSS feed URL with a malicious one...
CVE-2025-5015
CVE-2025-5015 : A cross-site scripting vulnerability exists in the Parsons AccuWeather widget and the Custom RSS widget, allowing an unauthenticated user to replace the RSS feed URL with a malicious one. Concrete details across sources confirm the affected components, the attack involves injectin...
CISA Releases Eight Industrial Control Systems Advisories
CISA released eight Industrial Control Systems ICS advisories on June 24, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-175-01 Kaleris Navis N4 Terminal Operating System ICSA-25-175-02 Delta Electronics...
PT-2025-26765 · Unknown · Custom Rss Widget +1
Name of the Vulnerable Software and Affected Versions: AccuWeather and Custom RSS widget affected versions not specified Description: A cross-site scripting issue exists in the AccuWeather and Custom RSS widget, allowing an unauthenticated user to replace the RSS feed URL with a malicious one...
spotlight.accuweather.com Open Redirect vulnerability OBB-3887036
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
gisserver.accuweather.com Cross Site Scripting vulnerability OBB-3855077
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Malicious code in accuweather-adapter (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bd2d43078275d0d6cca7d9291adde69d021f469bddf2c8970db4f1d7d24ca96a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-823 Malicious code in accuweather-adapter (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bd2d43078275d0d6cca7d9291adde69d021f469bddf2c8970db4f1d7d24ca96a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
cropforecast.accuweather.com XSS vulnerability
Open Bug Bounty ID: OBB-391561 Description| Value ---|--- Affected Website:| cropforecast.accuweather.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS...
AccuWeather - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application AccuWeather published at the 'play' market has multiple vulnerabilities...
wwwa.accuweather.com XSS vulnerability
Vulnerable URL: http://wwwa.accuweather.com/adcbin/flavideo/video.asp?video=1%22--%3E%3Csvg/onload=;prompt/OPENBUGBOUNTY/;%3E763126 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank|...
wwwl.accuweather.com XSS vulnerability
Open Bug Bounty ID: OBB-66026 Description| Value ---|--- Affected Website:| wwwl.accuweather.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Che...