5 matches found
CVE-2022-32407
Softr v2.0 was discovered to contain a Cross-Site Scripting XSS vulnerability via the First Name parameter under the Create A New Account module. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2022-32407
CVE-2022-32407 affects Softr v2.0 with a Cross‑Site Scripting (XSS) issue in the Create A New Account module, exploitable via the First Name parameter to execute arbitrary scripts/HTML. Primary CVE entry notes a medium severity (CVSS v3.1 base score 6.1) with network access and user interaction r...
Statamic framework Incorrect Permission Assignment
Statamic framework before 2.6.0 does not correctly check a session's permissions when the methods from a user's class are called. Problematic methods include reset password, create new account, create new role, etc...
CVE-2018-20874
cPanel before 74.0.8 allows self XSS in the WHM "Create a New Account" interface SEC-428...
CVE-2017-11422
Statamic framework before 2.6.0 does not correctly check a session's permissions when the methods from a user's class are called. Problematic methods include reset password, create new account, create new role, etc...