Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2026/02/23 7:26 a.m.12 views

CVE-2026-27210

Pannellum is a lightweight, free, and open source panorama viewer for the web. In versions 3.5.0 through 2.5.6, the hot spot attributes configuration property allowed any attribute to be set, including HTML event handler attributes, allowing for potential XSS attacks. This affects websites hostin...

6.1CVSS6AI score0.00319EPSS
Exploits0References1
NVD
NVD
added 2026/02/21 6:17 a.m.10 views

CVE-2026-27210

Pannellum is a lightweight, free, and open source panorama viewer for the web. In versions 3.5.0 through 2.5.6, the hot spot attributes configuration property allowed any attribute to be set, including HTML event handler attributes, allowing for potential XSS attacks. This affects websites hostin...

6.1CVSS0.00319EPSS
Exploits0References2
CVE
CVE
added 2026/02/21 5:24 a.m.23 views

CVE-2026-27210

CVE-2026-27210 | Pannellum XSS has concrete details in the connected documents. Affected: Pannellum core viewer (versions 3.5.0 through 2.5.6) where the hot spot attributes configuration property could be set to any attribute, including HTML event handlers, enabling potential XSS when using untru...

6.1CVSS6AI score0.00319EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/21 5:24 a.m.5 views

CVE-2026-27210

Pannellum is a lightweight, free, and open source panorama viewer for the web. In versions 3.5.0 through 2.5.6, the hot spot attributes configuration property allowed any attribute to be set, including HTML event handler attributes, allowing for potential XSS attacks. This affects websites hostin...

5.3CVSS6.1AI score0.00319EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/21 5:24 a.m.2 views

CVE-2026-27210 Pannellum has a XSS vulnerability in hot spot attributes

Pannellum is a lightweight, free, and open source panorama viewer for the web. In versions 3.5.0 through 2.5.6, the hot spot attributes configuration property allowed any attribute to be set, including HTML event handler attributes, allowing for potential XSS attacks. This affects websites hostin...

5.3CVSS6AI score0.00319EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/21 5:24 a.m.38 views

CVE-2026-27210 Pannellum has a XSS vulnerability in hot spot attributes

Pannellum is a lightweight, free, and open source panorama viewer for the web. In versions 3.5.0 through 2.5.6, the hot spot attributes configuration property allowed any attribute to be set, including HTML event handler attributes, allowing for potential XSS attacks. This affects websites hostin...

5.3CVSS0.00319EPSS
Exploits0References2
OSV
OSV
added 2026/02/21 5:24 a.m.6 views

CVE-2026-27210 Pannellum has a XSS vulnerability in hot spot attributes

Pannellum is a lightweight, free, and open source panorama viewer for the web. In versions 3.5.0 through 2.5.6, the hot spot attributes configuration property allowed any attribute to be set, including HTML event handler attributes, allowing for potential XSS attacks. This affects websites hostin...

5.3CVSS6.1AI score0.00319EPSS
Exploits0References4
Snyk
Snyk
added 2026/02/19 8:44 p.m.4 views

Cross-site Scripting (XSS)

Overview pannellum is a lightweight, free, and open source panorama viewer for the web. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the attributes configuration property in hot spots. An attacker can execute arbitrary JavaScript code by supplying a malicious...

6.1CVSS5.8AI score0.00319EPSS
Exploits0References2
OSV
OSV
added 2026/02/19 8:44 p.m.4 views

GHSA-8423-W5WX-H2R6 Pannellum has a XSS vulnerability in hot spot attributes

Impact The hot spot attributes configuration property allowed any attribute to be set, including HTML event handler attributes, allowing for potential XSS attacks. This affects websites hosting the standalone viewer HTML file and any other use of untrusted JSON config files bypassing the...

5.3CVSS6.2AI score0.00319EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/02/19 8:44 p.m.7 views

Pannellum has a XSS vulnerability in hot spot attributes

Impact The hot spot attributes configuration property allowed any attribute to be set, including HTML event handler attributes, allowing for potential XSS attacks. This affects websites hosting the standalone viewer HTML file and any other use of untrusted JSON config files bypassing the...

6.1CVSS6.1AI score0.00319EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder