Lucene search
K

427 matches found

ATTACKERKB
ATTACKERKB
added 2026/04/22 7:32 p.m.9 views

CVE-2026-3673

An authenticated attacker can store a crafted tag value in usertags and trigger JavaScript execution when a victim opens the list/report view where tags are rendered. The vulnerable renderer interpolates tag content into HTML attributes and element content without escaping. This issue affects...

4.6CVSS5.9AI score0.00201EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.6 views

PT-2026-33923

Reflected Cross-Site Scripting XSS vulnerability in Navigate Content Management System. The vulnerability is present in the '/blog' endpoint because user input is not properly sanitized through designed query parameters. This results in unsafe HTML rendering, which could allow a remote attacker t...

5.1CVSS6AI score0.00343EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/17 8:29 p.m.6 views

EUVD-2026-23513

Stirling-PDF is a locally hosted web application that facilitates various operations on PDF files. In versions prior to 2.0.0, file upload endpoints render user-supplied filenames directly into HTML using unsafe methods like innerHTML without sanitization. An attacker can craft a file with a...

3.1CVSS5.7AI score0.00168EPSS
Exploits1References1
OSV
OSV
added 2026/04/16 1:37 a.m.5 views

GHSA-6F54-QJVM-WWQ3 wger has Stored XSS via Unescaped License Attribution Fields

Stored XSS via Unescaped License Attribution Fields Summary The AbstractLicenseModel.attributionlink property in wger/utils/models.py constructs HTML strings by directly interpolating user-controlled fields licenseauthor, licensetitle, licenseobjecturl, licenseauthorurl, licensederivativesourceur...

5.4CVSS6AI score0.00207EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/04/10 7:22 p.m.5 views

PraisonAI Vulnerable to Stored XSS via Unsanitized Agent Output in HTML Rendering (nh3 Not a Required Dependency)

Summary The Flask API endpoint in src/praisonai/api.py renders agent output as HTML without effective sanitization. The sanitizehtml function relies on the nh3 library, which is not listed as a required or optional dependency in pyproject.toml. When nh3 is absent the default installation, the...

6.1CVSS5.8AI score0.00216EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/09 9:16 p.m.2 views

CVE-2026-40112 PraisonAI has Stored XSS via Unsanitized Agent Output in HTML Rendering (nh3 Not a Required Dependency)

PraisonAI is a multi-agent teams system. Prior to 4.5.128, the Flask API endpoint in src/praisonai/api.py renders agent output as HTML without effective sanitization. The sanitizehtml function relies on the nh3 library, which is not listed as a required or optional dependency in pyproject.toml...

5.4CVSS5.9AI score0.00216EPSS
Exploits1References1
CVE
CVE
added 2026/04/09 9:16 p.m.15 views

CVE-2026-40112

PraisonAI (multi-agent system) is affected by a Stored XSS in the Flask API before version 4.5.128. The /src/praisonai/api.py endpoint renders agent output as HTML using a _sanitize_html routine that relies on the nh3 library, which is not declared as a required/optional dependency in pyproject.t...

6.1CVSS6AI score0.00216EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2026/04/09 12:0 a.m.7 views

PraisonAI 跨站脚本漏洞

PraisonAI is a low-code multi-agent collaboration framework developed by Mervin Praison. Versions of PraisonAI prior to 4.5.128 contained a cross-site scripting vulnerability. This vulnerability stemmed from Flask API endpoints rendering HTML, where cleanup operations were ineffective, allowing...

6.1CVSS5.8AI score0.00216EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2026/04/08 7:15 p.m.6 views

CI4MS has stored XSS in Pages Content Due to Missing html_purify Sanitization

Summary The Pages module does not apply the htmlpurify validation rule to content fields during create and update operations, while the Blog module does. Page content is stored unsanitized in the database and rendered as raw HTML on the public frontend via echo $pageInfo-content. An authenticated...

5.5CVSS6AI score0.00247EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.11 views

PT-2026-31431

immich is a high performance self-hosted photo and video management solution. Prior to 2.7.0, sStored Cross-Site Scripting XSS in the 360° panorama viewer allows any authenticated user to execute arbitrary JavaScript in the browser of any other user who views the malicious panorama with the OCR...

7.3CVSS6.1AI score0.00225EPSS
Exploits1References3
OSV
OSV
added 2026/03/26 9:13 p.m.8 views

CVE-2026-33664 Kestra Vulnerable to Stored Cross-Site Scripting via Flow YAML Fields

Kestra is an open-source, event-driven orchestration platform Versions up to and including 1.3.3 render user-supplied flow YAML metadata fields — description, inputs.displayName, inputs.description — through the Markdown.vue component instantiated with html: true. The resulting HTML is injected...

7.3CVSS6.1AI score0.00255EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2026/03/26 6:28 p.m.5 views

n8n Vulnerable to XSS via Binary Data Inline HTML Rendering

Impact An authenticated user with permission to create or modify workflows could craft a workflow that produces an HTML binary data object without a filename. The /rest/binary-data endpoint served such responses inline on the n8n origin without Content-Disposition or Content-Security-Policy...

9CVSS5.9AI score0.00249EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/26 12:0 a.m.2 views

PT-2026-28508

Name of the Vulnerable Software and Affected Versions Kestra versions up to and including 1.3.3 Description Kestra is an open-source, event-driven orchestration platform. Versions up to and including 1.3.3 render user-supplied flow YAML metadata fields – description, inputs.displayName,...

7.3CVSS5.9AI score0.00255EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/03/25 6:39 p.m.3 views

CVE-2026-33749 n8n Vulnerable to XSS via Binary Data Inline HTML Rendering

n8n is an open source workflow automation platform. Prior to versions 1.123.27, 2.13.3, and 2.14.1, an authenticated user with permission to create or modify workflows could craft a workflow that produces an HTML binary data object without a filename. The /rest/binary-data endpoint served such...

6.3CVSS5.9AI score0.00249EPSS
Exploits0References1
OSV
OSV
added 2026/03/25 6:39 p.m.5 views

CVE-2026-33749 n8n Vulnerable to XSS via Binary Data Inline HTML Rendering

n8n is an open source workflow automation platform. Prior to versions 1.123.27, 2.13.3, and 2.14.1, an authenticated user with permission to create or modify workflows could craft a workflow that produces an HTML binary data object without a filename. The /rest/binary-data endpoint served such...

6.3CVSS5.9AI score0.00249EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/20 5:8 a.m.2 views

CVE-2026-33035

WWBN AVideo is an open source video platform. In versions 25.0 and below, there is a reflected XSS vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript in a victim's browser. User input from a URL parameter flows through PHP's jsonencode into a JavaScript function...

5.3CVSS5.9AI score0.00317EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2026/03/20 5:8 a.m.13 views

CVE-2026-33035

CVE-2026-33035 affects WWBN AVideo

6.1CVSS5.9AI score0.00317EPSS
Exploits1References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/18 12:58 p.m.8 views

Craft CMS Vulnerable to Stored XSS in Revision Context Menu

The revision/draft context menu in the element editor renders the creator’s fullName as raw HTML due to the use of Template::raw combined with Craft::t string interpolation. A low-privileged control panel user e.g., Author can set their fullName to an XSS payload via the profile editor, then crea...

5.4CVSS5.8AI score0.00243EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/18 12:0 a.m.5 views

PT-2026-26189

Filament is a collection of full-stack components for accelerated Laravel development. Versions 4.0.0 through 4.8.4 and 5.0.0 through 5.3.4 have two Filament Table summarizers Range, Values that render raw database values without escaping HTML. If there is a lack of validation for the data in the...

7.3CVSS5.8AI score0.00296EPSS
Exploits0References9
CVE
CVE
added 2026/03/12 9:29 p.m.208 views

CVE-2026-32308

OneUptime prior to version 10.0.23 is affected by a Stored XSS in the Markdown viewer’s Mermaid diagram rendering. The renderer uses securityLevel: "loose" and injects Mermaid SVG output via innerHTML, allowing interactive bindings and enabling XSS via Mermaid’s click directive to execute arbitra...

7.6CVSS6AI score0.00224EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder