9 matches found
CVE-2026-44364
MISP modules are autonomous modules that can be used to extend MISP for new services. In 3.0.7 and earlier, a Cross-Site Request Forgery vulnerability in the MISP Modules website allowed an attacker to cause an authenticated user to submit unintended requests to the home endpoint. The vulnerabili...
CVE-2026-44364
MISP modules are autonomous modules that can be used to extend MISP for new services. In 3.0.7 and earlier, a Cross-Site Request Forgery vulnerability in the MISP Modules website allowed an attacker to cause an authenticated user to submit unintended requests to the home endpoint. The vulnerabili...
MISP modules 跨站请求伪造漏洞
MISP modules are scalable threat intelligence platform modules developed under the open-source MISP Project. They support import, export, expansion, and automated workflows. MISP modules 3.0.7 and earlier versions had a cross-site request forgery vulnerability. This vulnerability stemmed from the...
CVE-2025-40976
Stored Cross-Site Scripting XSS vulnerability in WorkDo's TicketGo, consisting of a lack of proper validation of user input by sending a POST request to ‘/ticketgo-saas/home’, using the ‘description’ parameter...
PT-2026-1799
Name of the Vulnerable Software and Affected Versions WorkDo's TicketGo affected versions not specified Description A stored Cross-Site Scripting XSS issue exists due to insufficient validation of user-supplied data. The issue involves sending a POST request to the ''/ticketgo-saas/home'' API...
PT-2025-47460
Name of the Vulnerable Software and Affected Versions ITEL ISO FM SFN Adapter versions ISO2 2.0.0.0 and WebServer 2.0 Description The ITEL ISO FM SFN Adapter is susceptible to session hijacking because of inadequate session management on the /home.html endpoint. An attacker can gain access to an...
CVE-2025-28232
Incorrect access control in the HOME.php endpoint of JMBroadcast JMB0150 Firmware v1.0 allows attackers to access the Admin panel without authentication...
PT-2025-4587 · Wegia · Wegia
Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.2.8 Description: A Reflected Cross-Site Scripting XSS issue was identified in the "home.php" endpoint of the WeGIA application. This issue allows attackers to inject malicious scripts in the msg c parameter...
PT-2022-22461 · Openteknik Llc · Openteknik Llc Ossn Open Source Social Network
Name of the Vulnerable Software and Affected Versions: OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK version 6.3 LTS Description: The issue is related to an HTML injection vulnerability. This vulnerability can be exploited via the location parameter at the API endpoint "http://ip...