8 matches found

CVE
added yesterday | 15 views

CVE-2026-55409

Filament (Laravel) v3 contains a vulnerability where a disabled RichEditor field renders its raw HTML state without sanitization. If the form state data isn’t sanitized when populated, an attacker could inject malicious HTML/JavaScript, causing XSS to execute for users viewing the form. Affected ...

CVSS: 7.6 | AI score: 5.8
Exploits: 0 | References: 1
Positive Technologies
added 6 days ago | 10 views

PT-2026-50597

Name of the Vulnerable Software and Affected Versions: Filament versions 3.0.0 through 3.3.52. Description: A disabled RichEditor field renders its raw state without sanitizing HTML. If the data stored in the field's state was not previously sanitized when the form state was filled, an attacker can...

CVSS: 7.6 | AI score: 5.8
Exploits: 0 | References: 6
CNNVD
added 2026/03/10 12:00 a.m. | 5 views

Identifier withdrawn

“form” is a form state management program developed by TanStack. “R” is a statistical computing software provided by The R Foundation. This CVE number has been withdrawn...

AI score: 5.7 | EPSS: 0.00052
Exploits: 0 | References: 4
CNNVD
added 2025/09/30 12:00 a.m. | 2 views

Google Chrome security vulnerability

Google Chrome is a web browser. v8 is one of the open source JavaScript engines. form is a form state manager. A security vulnerability exists in Google Chrome, which stems from an improper storage implementation that could lead to data disclosure or elevation of privilege...

CVSS: 6.3 | AI score: 8.6 | EPSS: 0.00206
Exploits: 0 | References: 4
GitHub Security Blog
added 2021/06/22 3:15 p.m. | 58 views

Form validation can be skipped

Impact: By crafting a special GET request containing a valid form state, a form can be submitted without invoking any validators. We consider the severity low because it is not possible to change any form values since the form state is secured with an HMAC that is still verified. That means that...

CVSS: 6.5 | AI score: 0.4 | EPSS: 0.01124
Exploits: 0 | References: 8 | Affected Software: 1
Friends Of PHP
added 2021/06/21 5:00 p.m. | 24 views

Form validation can be skipped in neos/form

Impact: By crafting a special GET request containing a valid form state, a form can be submitted without invoking any validators. We consider the severity low because it is not possible to change any form values since the form state is secured with an HMAC that is still verified. That means that...

CVSS: 6.5 | AI score: 5.9 | EPSS: 0.01124
Exploits: 0 | Affected Software: 1
CNNVD
added 2021/06/21 12:00 a.m. | 1 views

Neos/forms input validation error vulnerability

Neos/forms is an open source framework for building web forms. A security vulnerability exists in Neos/forms where the program can submit a form without invoking any validator by creating a special "GET" request that contains valid form state...

CVSS: 6.5 | AI score: 6 | EPSS: 0.01124
Exploits: 0 | References: 5
CNVD
added 2015/11/07 12:00 a.m. | 3 views

Accentis Cross-Site Scripting Vulnerability

Accentis is a suite of management software for ERP, CRM, payroll, production and inventory management. Accentis fails to properly filter the 'ctl00$cphcontent$uigformState' parameter, allowing remote attackers to exploit the vulnerability by injecting malicious script or HTML code, obtaining...

CVSS: 6.1 | AI score: 6.6 | EPSS: 0.00949
Exploits: 2 | References: 1