Lucene search
K

14 matches found

Cvelist
Cvelist
added yesterday16 views

CVE-2026-46454 Apache Camel: Camel-Cometd: Inbound Bayeux message headers are mapped into the Exchange without a HeaderFilterStrategy, allowing unauthenticated clients to inject Camel control headers

Improper Input Validation vulnerability in Apache Camel Cometd Component. The camel-cometd component maps inbound Bayeux CometD message headers into the Camel Exchange without applying a HeaderFilterStrategy. CometdBinding.populateExchangeFromMessage copies the entire ext.CamelHeaders map supplie...

0.00195EPSS
Exploits0References1
CVE
CVE
added yesterday8 views

CVE-2026-46454

The CVE-2026-46454 entry describes an improper input validation vulnerability in Apache Camel’s CometD binding. The issue arises because inbound Bayeux/CometD headers are mapped into the Camel Exchange without a HeaderFilterStrategy, copying the entire ext.CamelHeaders map onto the message. This ...

9.8CVSS6.1AI score0.00195EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added yesterday4 views

CVE-2026-46454

Improper Input Validation vulnerability in Apache Camel Cometd Component. The camel-cometd component maps inbound Bayeux CometD message headers into the Camel Exchange without applying a HeaderFilterStrategy. CometdBinding.populateExchangeFromMessage copies the entire ext.CamelHeaders map supplie...

6.1AI score0.00195EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2013-6298

Malware in sbrugna...

6.1CVSS6.2AI score0.00648EPSS
Exploits0References7
CNVD
CNVD
added 2020/08/03 12:0 a.m.1 views

Faye Trust Management Issue Vulnerability

Faye is a set of open source based on the Bayeux protocol publish-subscribe messaging system . The system is mainly used for publish-subscribe messaging between Web clients . A trust management issue vulnerability exists in versions of Faye prior to 1.4.0, which stems from the program failing to...

8.7CVSS6.6AI score0.00864EPSS
Exploits1References1
NVD
NVD
added 2019/12/11 2:15 p.m.20 views

CVE-2013-6495

JBossWeb Bayeux has reflected XSS...

6.1CVSS6.1AI score0.00648EPSS
Exploits0References2
Prion
Prion
added 2019/12/11 2:15 p.m.20 views

Cross site scripting

JBossWeb Bayeux has reflected XSS...

4.3CVSS6.2AI score0.00648EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2019/12/11 1:48 p.m.74 views

CVE-2013-6495

CVE-2013-6495 concerns JBossWeb Bayeux with a reflected XSS vulnerability. Public details in the provided documents identify the flaw as a reflected XSS issue. NVD indicates CVSS2 base score 4.3 (MEDIUM) and CVSS3.1 base score 6.1 (MEDIUM). Connected entries list the CVE among Red Hat advisories ...

6.1CVSS6AI score0.00648EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2019/12/11 1:48 p.m.20 views

CVE-2013-6495

JBossWeb Bayeux has reflected XSS...

6.1AI score0.00648EPSS
Exploits0References2
Openbugbounty
Openbugbounty
added 2017/05/02 7:43 a.m.15 views

bayeux-encheres.auction.fr XSS vulnerability

Vulnerable URL:...

6.2AI score
Exploits0
RedHat Linux
RedHat Linux
added 2013/10/16 4:45 p.m.3 views

Bayeux: Reflected Cross-Site Scripting (XSS)

JBossWeb Bayeux has reflected XSS...

6.1CVSS5.8AI score0.00648EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2013/09/04 6:46 p.m.6 views

Bayeux: Reflected Cross-Site Scripting (XSS)

JBossWeb Bayeux has reflected XSS...

6.1CVSS5.8AI score0.00648EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2013/09/04 6:45 p.m.7 views

Bayeux: Reflected Cross-Site Scripting (XSS)

JBossWeb Bayeux has reflected XSS...

6.1CVSS5.8AI score0.00648EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2013/09/04 6:43 p.m.5 views

Bayeux: Reflected Cross-Site Scripting (XSS)

JBossWeb Bayeux has reflected XSS...

6.1CVSS5.8AI score0.00648EPSS
Exploits0References4
Rows per page
Query Builder