Lucene search
K

5 matches found

OSV
OSV
added 2022/10/27 7:15 p.m.5 views

CVE-2022-32407

Softr v2.0 was discovered to contain a Cross-Site Scripting XSS vulnerability via the First Name parameter under the Create A New Account module. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

6.1CVSS6AI score0.00486EPSS
Exploits1References2
CVE
CVE
added 2022/10/27 12:0 a.m.51 views

CVE-2022-32407

CVE-2022-32407 affects Softr v2.0 with a Cross‑Site Scripting (XSS) issue in the Create A New Account module, exploitable via the First Name parameter to execute arbitrary scripts/HTML. Primary CVE entry notes a medium severity (CVSS v3.1 base score 6.1) with network access and user interaction r...

6.1CVSS5.9AI score0.00486EPSS
Exploits1References2Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/13 1:12 a.m.23 views

Statamic framework Incorrect Permission Assignment

Statamic framework before 2.6.0 does not correctly check a session's permissions when the methods from a user's class are called. Problematic methods include reset password, create new account, create new role, etc...

8.8CVSS6.8AI score0.00867EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/08/01 12:40 p.m.21 views

CVE-2018-20874

cPanel before 74.0.8 allows self XSS in the WHM "Create a New Account" interface SEC-428...

5.3AI score0.00531EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/07/24 12:0 p.m.25 views

CVE-2017-11422

Statamic framework before 2.6.0 does not correctly check a session's permissions when the methods from a user's class are called. Problematic methods include reset password, create new account, create new role, etc...

8.8AI score0.00867EPSS
Exploits0References1
Rows per page
Query Builder