Lucene search
+L

68 matches found

nvd
nvd
added last week11 views

CVE-2026-59209

n8n is an open source workflow automation platform. Prior to 1.123.61, 2.27.4, and, 2.28.1, an authenticated member with use-only editor access to a shared workflow could read credential-populated headers exposed via the $request object inside an HTTP Request node's pagination expression and...

7.1CVSS0.00294EPSS
Exploits0References3
cvelist
cvelist
added 2026/06/23 3:46 p.m.43 views

CVE-2026-54302 n8n: Stored XSS in Chat Trigger Node

n8n is an open source workflow automation platform. Prior to 1.123.55, 2.25.7, and 2.26.2, an authenticated user with workflow edit access could inject arbitrary JavaScript into the Chat Trigger's generated page by setting a malicious webhookId. When a logged-in user visited the chat URL, the...

7CVSS0.0021EPSS
Exploits0References1
github
github
added 2026/06/17 2:6 p.m.13 views

NocoDB: Server-Side Request Forgery via Spreadsheet Fetch URL

Summary The spreadsheet-fetch endpoint axiosRequestMake accepted URLs whose path contained a permitted extension anywhere in the string, and applied a hand-rolled regex blocklist that omitted 127.0.0.0/8 and 169.254.0.0/16, allowing the cloud-metadata endpoint to be reached with a crafted URL...

5.1CVSS5.3AI score0.00282EPSS
Exploits0References2Affected Software1
vulnrichment
vulnrichment
added 2026/06/13 2:29 a.m.8 views

CVE-2026-12089 WS Optimize – All-in-One Speed Booster & Cache Tools <= 3.3.19 - Authenticated (Editor+) Arbitrary File Read

The LWS Optimize – All-in-One Speed Booster & Cache Tools plugin for WordPress is vulnerable to Arbitrary File Read in versions up to, and including, 3.3.19. This is due to the combinecurrentcss function trusting values harvested from page HTML and converting same-site URLs to absolute filesystem...

4.9CVSS5.5AI score0.00336EPSS
Exploits0References3
nvd
nvd
added 2026/06/12 10:16 p.m.13 views

CVE-2026-53609

ApostropheCMS is an open-source Node.js content management system. In versions up to and including 4.30.0, apos.util.set traverses dot-notation paths without sanitizing proto, allowing an authenticated editor to write arbitrary values to Object.prototype via the $pullAll patch operator. A confirm...

9.1CVSS0.00237EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:35 p.m.11 views

CVE-2026-5362

An authenticated attacker with permission to edit document content can store crafted HTML/JavaScript in a Document embed editable and cause script execution when the published page is rendered. This issue affects pimcore: v12.3.3...

5.4CVSS5.7AI score0.00194EPSS
Exploits1References1
osv
osv
added 2026/06/04 7:28 p.m.4 views

CVE-2026-41518 Chartbrew has a stored DOM XSS via Chart Tooltip innerHTML (ChartDatasetConfig.legend)

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. In versions 4.9.0 through 5.0.0, an authenticated user with project-editor permissions can store arbitrary HTML/JavaScript in the ChartDatasetConfig.legend field. The...

7.6CVSS6.2AI score0.002EPSS
Exploits0References3
osv
osv
added 2026/06/03 5:44 p.m.3 views

CVE-2026-42839 ERPNext 16.16.0 - Stored XSS in POS cart item rendering

An authenticated ERPNext user with Item record edit permissions can persist arbitrary HTML/JavaScript in the itemname, description, or image fields of an Item and trigger unescaped rendering in the Point of Sale POS cart interface for every operator who adds that item to a transaction.This issue...

4.8CVSS6.1AI score0.00261EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2026/05/29 12:26 p.m.12 views

CVE-2026-48527 HaxCMS has a stored Cross-Site Scripting (XSS) bypass in saveNode endpoint

HAX CMS helps manage microsite universe with PHP or NodeJs backends. Versions up to and including 26.0.0 are affected by a stored cross-site scripting XSS vulnerability in the /system/api/saveNode endpoint. An authenticated user with a permission to edit pages can bypass the HTML sanitizer by...

8.7CVSS5.6AI score0.00228EPSS
Exploits0References1
cvelist
cvelist
added 2026/05/29 12:26 p.m.42 views

CVE-2026-48527 HaxCMS has a stored Cross-Site Scripting (XSS) bypass in saveNode endpoint

HAX CMS helps manage microsite universe with PHP or NodeJs backends. Versions up to and including 26.0.0 are affected by a stored cross-site scripting XSS vulnerability in the /system/api/saveNode endpoint. An authenticated user with a permission to edit pages can bypass the HTML sanitizer by...

8.7CVSS0.00228EPSS
Exploits0References1
osv
osv
added 2026/05/21 8:35 p.m.10 views

GHSA-99VC-2JX2-688P NocoDB: Missing File Size Enforcement in Upload-by-URL Allows Denial of Service via Disk Exhaustion

Summary The uploadViaURL path in the v1/v2 attachment API did not enforce NCATTACHMENTFIELDSIZE against the remote content-length or against the response stream. An authenticated user Editor+ could direct the server to download arbitrarily large files, exhausting disk space and causing denial of...

6.5CVSS5.9AI score0.00235EPSS
Exploits0References2
github
github
added 2026/05/21 8:35 p.m.45 views

NocoDB: Missing File Size Enforcement in Upload-by-URL Allows Denial of Service via Disk Exhaustion

Summary The uploadViaURL path in the v1/v2 attachment API did not enforce NCATTACHMENTFIELDSIZE against the remote content-length or against the response stream. An authenticated user Editor+ could direct the server to download arbitrarily large files, exhausting disk space and causing denial of...

6.5CVSS5.9AI score0.00235EPSS
Exploits0References2Affected Software1
snyk
snyk
added 2026/05/15 5:14 p.m.9 views

Cross-site Scripting (XSS)

Overview weblate is an A web-based continuous localization system with tight version control integration Affected versions of this package are vulnerable to Cross-site Scripting XSS in the search preview process. An attacker can execute arbitrary HTML or CSS in the authenticated editor interface ...

5.1CVSS5.8AI score0.00208EPSS
Exploits0References2
cve
cve
added 2026/05/11 2:52 p.m.12 views

CVE-2026-42841

Grav CMS stores image attributes via Markdown media action parameters. Before 2.0.0-beta.2, an authenticated page editor could inject a JavaScript event handler by calling attribute(name, value) through image query parameters (e.g., ?attribute=onload,alert(...)). The attack results in a stored XS...

6.9CVSS5.9AI score0.00397EPSS
Exploits1References2Affected Software1
osv
osv
added 2026/05/05 9:24 p.m.9 views

GHSA-R7FX-8G49-7HHR Grav CMS vulnerable to stored XSS via Markdown media attribute() action

Summary An authenticated user with page editing permissions can inject an executable JavaScript event-handler attribute into rendered image HTML through Grav's Markdown media action syntax. The issue is caused by Markdown image query parameters being converted into callable media actions. The...

6.9CVSS5.8AI score0.00397EPSS
Exploits1References4
osv
osv
added 2026/04/27 8:16 p.m.3 views

CVE-2026-5362 Pimcore Platform v12.3.3 - Stored XSS in Document Editable Embed rendering

An authenticated attacker with permission to edit document content can store crafted HTML/JavaScript in a Document embed editable and cause script execution when the published page is rendered. This issue affects pimcore: v12.3.3...

4.8CVSS6.1AI score0.00194EPSS
Exploits1References4
ptsecurity
ptsecurity
added 2026/04/27 12:0 a.m.3 views

PT-2026-35523

🚨 New zero-day in pimcore | Detected by our AI SAST scanner and disclosed by Oscar Naveda. As a CNA, we assigned the ID CVE-2026-5362. Details: 🔗 https://t.co/iZiXYRAAcM. We have announced 232 CVEs to this date: 🔗 https://t.co/fgMrQcycLm https://t.co/gFxbxDglVo...

4.8CVSS5.3AI score0.00194EPSS
Exploits1References5
vulnrichment
vulnrichment
added 2026/04/21 12:0 a.m.5 views

CVE-2026-31018

In Dolibarr ERP & CRM = 22.0.4, PHP code detection and editing permission enforcement in the Website module is not applied consistently to all input parameters, allowing an authenticated user restricted to HTML/JavaScript editing to inject PHP code through unprotected inputs during website page...

5.8AI score0.00273EPSS
Exploits0References1
snyk
snyk
added 2026/04/14 8:2 p.m.5 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS in the mail preview feature of the Event Log, where HTML content is rendered in an iframe without proper sandboxing. An attacker can execute arbitrary JavaScript in the context of a privileged user's browser by...

5.4CVSS5.7AI score0.00198EPSS
Exploits0References2
github
github
added 2026/03/27 10:21 p.m.16 views

Withdrawn Advisory: Kirby CMS has Persistent DoS via Malformed Image Upload

Duplicate Advisory This advisory has been withdrawn because it is been determined to not be a vulnerability. This link is maintained to preserve external references. Original Description Summary Kirby CMS through version 5.1.4 allows an authenticated user with Editor permissions to cause a...

6.5CVSS5.2AI score0.00445EPSS
Exploits1References7Affected Software1
Rows per page
Query Builder