64 matches found
PT-2025-37192
Name of the Vulnerable Software and Affected Versions: OnlyOffice versions through 12.7.0 Description: A vulnerability exists in Ascensio System SIA OnlyOffice that can lead to cross site scripting. The issue is located in the Comment Handler component, specifically within the file...
CVE-2025-9100
A security flaw has been discovered in zhenfeng13 My-Blog 1.0.0. This vulnerability affects unknown code of the file /blog/comment of the component Frontend Blog Article Comment Handler. The manipulation leads to authentication bypass by capture-replay. The attack can be initiated remotely. The...
CVE-2025-9100
CVE-2025-9100 affects zhenfeng13 My-Blog 1.0.0, specifically the Frontend Blog Article Comment Handler in /blog/comment. The vulnerability allows authentication bypass via capture-replay and can be exploited remotely; public exploit information is available. Connected data indicate a PROOF-OF-CON...
PT-2025-33629 · Zhenfeng13 · Myblog
Name of the Vulnerable Software and Affected Versions: zhenfeng13 My-Blog version 1.0.0 Description: A security flaw has been discovered in zhenfeng13 My-Blog 1.0.0. This vulnerability affects unknown code of the file /blog/comment of the component Frontend Blog Article Comment Handler. The...
My-Blog Security Vulnerability
My-Blog is a Java blog system built by the individual developer ZHENFENG13 with SpringBoot, Mybatis, Thymeleaf and other technologies; it is described as having an attractive interface, full features, easy deployment and well-developed code. A security vulnerability exists in My-Blog version 1.0.0, which stems from the lack of protection...
CVE-2024-3687
A vulnerability was found in bihell Dice 3.1.0 and classified as problematic. Affected by this issue is some unknown functionality of the component Comment Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public an...
CVE-2024-0776
A vulnerability, which was classified as problematic, has been found in LinZhaoguan pb-cms 2.0. Affected by this issue is some unknown functionality of the component Comment Handler. The manipulation with the input leads to cross site scripting. The attack may be launched remotely. The exploit ha...
CVE-2023-0287
A vulnerability was found in ityouknow favorites-web. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Comment Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the...
CVE-2023-5024
A vulnerability was found in Planno 23.04.04. It has been classified as problematic. This affects an unknown part of the component Comment Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may ...
CVE-2025-3962
A vulnerability classified as problematic was found in withstars Books-Management-System 1.0. This vulnerability affects unknown code of the file /api/comment/add of the component Comment Handler. The manipulation of the argument content leads to cross site scripting. The attack can be initiated...
CVE-2025-3962 withstars Books-Management-System Comment add cross site scripting
A vulnerability classified as problematic was found in withstars Books-Management-System 1.0. This vulnerability affects unknown code of the file /api/comment/add of the component Comment Handler. The manipulation of the argument content leads to cross site scripting. The attack can be initiated...
PT-2025-17986 · Unknown · Withstars Books-Management-System
Name of the Vulnerable Software and Affected Versions: withstars Books-Management-System version 1.0 Description: A vulnerability was found in the withstars Books-Management-System, affecting unknown code of the file "/api/comment/add" of the component Comment Handler. The manipulation of the...
CVE-2024-12664
CVE-2024-12664 affects ruifang-tech Rebuild 3.8.5, specifically the internal component Project Task Comment Handler. The issue is described as a cross-site scripting (XSS) vulnerability that can be triggered remotely, with the exploit publicly disclosed. Multiple sources corroborate the affected...
CVE-2024-12664 ruifang-tech Rebuild Project Task Comment cross site scripting
A vulnerability, which was classified as problematic, has been found in ruifang-tech Rebuild 3.8.5. This issue affects some unknown processing of the component Project Task Comment Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been...
PT-2024-17705 · Ruifang Tech · Ruifang-Tech Rebuild
Name of the Vulnerable Software and Affected Versions: ruifang-tech Rebuild version 3.8.5 Description: A problematic issue has been found in the Project Task Comment Handler component, leading to cross-site scripting. The attack can be initiated remotely. The exploit has been disclosed to the...
CVE-2024-3687 bihell Dice Comment cross site scripting
A vulnerability was found in bihell Dice 3.1.0 and classified as problematic. Affected by this issue is some unknown functionality of the component Comment Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public an...
PT-2024-27185 · Unknown · Bihell Dice
Name of the Vulnerable Software and Affected Versions: bihell Dice version 3.1.0 Description: A problem was found in the Comment Handler component, which can be exploited to perform cross-site scripting. This issue can be attacked remotely. Recommendations: For bihell Dice version 3.1.0, at the...