6 matches found
EUVD-2025-203066
Authorization Bypass Through User-Controlled Key vulnerability in Apache Fineract. This issue affects Apache Fineract: through 1.11.0. The issue is fixed in version 1.12.1. Users are encouraged to upgrade to version 1.13.0, the latest release...
CVE-2025-58130
Apache Fineract is affected by an Insufficiently Protected Credentials vulnerability up to version 1.11.0. The issue is fixed in 1.12.1, and users are advised to upgrade to 1.13.0 (latest release). The primary public details indicate credential exposure risk but do not describe specific exploitat...
PT-2025-50905
Name of the Vulnerable Software and Affected Versions Apache Fineract versions through 1.11.0 Description A flaw exists in Apache Fineract related to insufficiently protected credentials. Upgrade to version 1.13.0, the latest release, to address this issue. The issue is resolved in version 1.12.1...
CVE-2025-62413 MQTTX vulnerable to cross-site scripting via improper message payload rendering
MQTTX is an MQTT 5.0 desktop client and MQTT testing tool. A Cross-Site Scripting XSS vulnerability was introduced in MQTTX v1.12.0 due to improper handling of MQTT message payload rendering. Malicious payloads containing HTML or JavaScript could be rendered directly in the MQTTX message viewer. ...
WordPress SureForms – Drag and Drop Form Builder for WordPress plugin <= 1.12.0 - Missing Authorization to Authenticated (Contributor+) Form Creation vulnerability
Missing Authorization to Authenticated Contributor+ Form Creation vulnerability discovered by Alex in WordPress Plugin SureForms versions = 1.12.0...
UBUNTU-CVE-2018-1002150
Koji version 1.12, 1.13, 1.14 and 1.15 contain an incorrect access control vulnerability resulting in arbitrary filesystem read/write access. This vulnerability has been fixed in versions 1.12.1, 1.13.1, 1.14.1 and 1.15.1...