Lucene search
K

4 matches found

OSV
OSV
added 2026/05/15 8:41 a.m.7 views

BIT-JUPYTER-BASE-NOTEBOOK-2026-42557 jupyterlab: Command linker attributes in HTML enable one-click command execution from untrusted content

jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. Prior to 4.5.7, JupyterLab's HTML sanitizer allowlists data-commandlinker-command and data-commandlinker-args on button elements, while CommandLinker listens for all cli...

9.6CVSS6.3AI score0.00386EPSS
Exploits0References5
Patchstack
Patchstack
added 2025/10/15 12:27 p.m.9 views

WordPress ShopMagic plugin <= 4.5.6 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Legion Hunter in WordPress Plugin ShopMagic versions = 4.5.6...

5.8CVSS6.9AI score0.00283EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2023/11/03 12:0 a.m.5 views

BigTree CMS Cross-Site Scripting Vulnerability (CNVD-2023-93329)

BigTree CMS is a content management system. A cross-site scripting vulnerability exists in BigTree CMS version v4.5.7, which stems from the application's lack of effective filtering and escaping of user-supplied data, and can be exploited by a remote attacker to execute arbitrary code via ID...

5.4CVSS6.9AI score0.00613EPSS
Exploits1References1
CNVD
CNVD
added 2019/10/23 12:0 a.m.3 views

FusionPBX Cross-Site Scripting Vulnerability (CNVD-2019-36989)

FusionPBX is a scalable, multi-threaded communications platform. The platform can be used as a call center server, fax server, VOIP server, voicemail server, conference server and voice application server. A cross-site scripting vulnerability exists in FusionPBX 4.5.7 and prior versions. The...

6.1CVSS6.4AI score0.00824EPSS
Exploits0References1
Rows per page
Query Builder