CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Habitica is an open-source habit-building program. Versions prior to 5.28.5 are vulnerable to reflected cross-site scripting. The register function in RegisterLoginReset.vue contains a reflected XSS vulnerability due to an incorrect sanitization function. An attacker can specify a malicious...

6.2CVSS5.8AI score0.00438EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 6:53 a.m.•5 views

CVE-2024-53274

Habitica is an open-source habit-building program. Versions prior to 5.28.5 are vulnerable to reflected cross-site scripting. The register function in home.vue containsa reflected XSS vulnerability due to an incorrect sanitization function. An attacker can specify a malicious redirectTo parameter...

6.1CVSS5.6AI score0.00438EPSS

Exploits1References1

NVD•added 2024/12/12 2:15 a.m.•6 views

CVE-2024-53273

6.2CVSS0.00438EPSS

Exploits1References2

NVD•added 2024/12/12 2:15 a.m.•8 views

CVE-2024-53272

Habitica is an open-source habit-building program. Versions prior to 5.28.5 are vulnerable to reflected cross-site scripting. The login and social media function in RegisterLoginReset.vue contains two reflected XSS vulnerabilities due to an incorrect sanitization function. An attacker can specify...

6.2CVSS0.00438EPSS

Exploits1References2

NVD•added 2024/12/12 2:15 a.m.•8 views

CVE-2024-53274

6.1CVSS0.00438EPSS

Exploits1References2

CNNVD•added 2024/12/12 12:0 a.m.•3 views

Habitica 跨站脚本漏洞

Habitica is an open source habit-forming program open-sourced by HabitRPG. A cross-site scripting vulnerability exists in Habitica versions prior to 5.28.5 that stems from incorrect cleanup functionality and is susceptible to reflective cross-site scripting attacks...

6.1CVSS6AI score0.00438EPSS

Exploits1References2

CNNVD•added 2024/12/12 12:0 a.m.•2 views

Habitica 跨站脚本漏洞

6.2CVSS5.9AI score0.00438EPSS

Exploits1References2

CNNVD•added 2024/12/12 12:0 a.m.•3 views

Habitica 跨站脚本漏洞

6.2CVSS6AI score0.00438EPSS

Exploits1References2

CVE•added 2024/12/11 10:16 p.m.•46 views

CVE-2024-53274

Habitica (open‑source habit builder) is affected by CVE-2024-53274. The vulnerability is a reflected XSS in the /home context via the register function in home.vue, caused by an insufficient sanitization function. An attacker can abuse a malicious redirectTo parameter to execute arbitrary JavaScr...

6.1CVSS5.7AI score0.00438EPSS

Exploits1References2Affected Software1

Cvelist•added 2024/12/11 10:16 p.m.•13 views

CVE-2024-53274 GHSL-2024-111: Reflected XSS in /home in habitica

5.1CVSS0.00438EPSS

Exploits1References2

Vulnrichment•added 2024/12/11 10:16 p.m.•10 views

CVE-2024-53274 GHSL-2024-111: Reflected XSS in /home in habitica

5.1CVSS5.7AI score0.00438EPSS

Exploits1References2

OSV•added 2024/12/11 10:16 p.m.•5 views

CVE-2024-53274 GHSL-2024-111: Reflected XSS in /home in habitica

5.1CVSS5.8AI score0.00438EPSS

Exploits1References4

CVE•added 2024/12/11 10:13 p.m.•43 views

CVE-2024-53273

Habitica (open‑source app) has a reflected XSS in the /register path prior to version 5.28.5. The vulnerability arises from an incorrect sanitization in the RegisterLoginReset.vue component, allowing a malicious redirectTo parameter to trigger the attack and potentially gain control of a victim’s...

6.2CVSS5.8AI score0.00438EPSS

Exploits1References2Affected Software1

Cvelist•added 2024/12/11 10:13 p.m.•13 views

CVE-2024-53273 GHSL-2024-110: Reflected XSS in /register in habitica

6.2CVSS0.00438EPSS

Exploits1References2

Vulnrichment•added 2024/12/11 10:13 p.m.•6 views

CVE-2024-53273 GHSL-2024-110: Reflected XSS in /register in habitica

6.2CVSS5.8AI score0.00438EPSS

Exploits1References2

Rows per page