LinkAce 跨站脚本漏洞

LinkAce is a self-hosted archive of links to your favorite websites. A cross-site scripting vulnerability exists in LinkAce 2.3.1 and prior versions, which stems from insufficient validation of title field input by the social media sharing feature and can be exploited by an attacker to cause a...

EUVD-2024-53174

Malicious code in bioql PyPI...

EUVD-2024-53175

Malicious code in bioql PyPI...

EUVD-2025-27171

Malicious code in bioql PyPI...

CVE-2025-59424

LinkAce is a self-hosted archive to collect website links. Prior to 2.3.1, a Stored Cross-Site Scripting XSS vulnerability has been identified on the /system/audit page. The application fails to properly sanitize the username field before it is rendered in the audit log. An authenticated attacker...

CVE-2025-59424

LinkAce is a self-hosted archive to collect website links. Prior to 2.3.1, a Stored Cross-Site Scripting XSS vulnerability has been identified on the /system/audit page. The application fails to properly sanitize the username field before it is rendered in the audit log. An authenticated attacker...

CVE-2025-59424 LinkAce Vulnerable to Stored XSS on the Audit Page

LinkAce is a self-hosted archive to collect website links. Prior to 2.3.1, a Stored Cross-Site Scripting XSS vulnerability has been identified on the /system/audit page. The application fails to properly sanitize the username field before it is rendered in the audit log. An authenticated attacker...

PT-2025-38477

Name of the Vulnerable Software and Affected Versions LinkAce versions prior to 2.3.1 Description LinkAce is a self-hosted archive to collect website links. A Stored Cross-Site Scripting XSS vulnerability exists on the /system/audit page. The application does not properly sanitize the username...

LinkAce 跨站脚本漏洞

LinkAce is a self-hosted archive of links to your favorite websites by Kevin Woblick Personal Developer. A cross-site scripting vulnerability exists in LinkAce versions prior to 2.3.1, which stems from not properly cleaning up the username field and could lead to a stored cross-site scripting...

CVE-2025-53838

LinkAce is a self-hosted archive to collect website links. A stored cross-site scripting XSS vulnerability was discovered in versions prior to 2.1.9 that allows an attacker to inject arbitrary JavaScript, which is then executed in the context of a user's browser when the malicious link is clicked...

CVE-2025-53838

LinkAce is a self-hosted archive to collect website links. A stored cross-site scripting XSS vulnerability was discovered in versions prior to 2.1.9 that allows an attacker to inject arbitrary JavaScript, which is then executed in the context of a user's browser when the malicious link is clicked...

CVE-2025-53838 LinkAce has a Stored One Click XSS vulnerability

LinkAce is a self-hosted archive to collect website links. A stored cross-site scripting XSS vulnerability was discovered in versions prior to 2.1.9 that allows an attacker to inject arbitrary JavaScript, which is then executed in the context of a user's browser when the malicious link is clicked...

CVE-2025-53838 LinkAce has a Stored One Click XSS vulnerability

LinkAce is a self-hosted archive to collect website links. A stored cross-site scripting XSS vulnerability was discovered in versions prior to 2.1.9 that allows an attacker to inject arbitrary JavaScript, which is then executed in the context of a user's browser when the malicious link is clicked...

CVE-2025-53838

LinkAce (prior to 2.1.9) is affected by a stored XSS vulnerability due to insufficient filtering/escaping of user-supplied data in link attributes. An attacker can save malicious JavaScript in the database, which executes in a user’s browser when a crafted link is clicked (one-click XSS). The iss...

CVE-2025-53838 LinkAce has a Stored One Click XSS vulnerability

LinkAce is a self-hosted archive to collect website links. A stored cross-site scripting XSS vulnerability was discovered in versions prior to 2.1.9 that allows an attacker to inject arbitrary JavaScript, which is then executed in the context of a user's browser when the malicious link is clicked...

LinkAce 跨站脚本漏洞

LinkAce is a self-hosted archive of links to your favorite websites by Kevin Woblick Personal Developer. A cross-site scripting vulnerability exists in LinkAce versions prior to 2.1.9 that stems from a stored cross-site scripting attack that could lead to arbitrary script execution...

CVE-2024-56507

LinkAce is a self-hosted archive to collect links of your favorite websites. Prior to 1.15.6, a reflected cross-site scripting XSS vulnerability exists in the LinkAce. This issue occurs in the "URL" field of the "Edit Link" module, where user input is not properly sanitized or encoded before bein...

CVE-2024-56508

LinkAce is a self-hosted archive to collect links of your favorite websites. Prior to 1.15.6, a file upload vulnerability exists in the LinkAce. This issue occurs in the "Import Bookmarks" functionality, where malicious HTML files can be uploaded containing JavaScript payloads. These payloads...

CVE-2024-56508

LinkAce is a self-hosted archive to collect links of your favorite websites. Prior to 1.15.6, a file upload vulnerability exists in the LinkAce. This issue occurs in the "Import Bookmarks" functionality, where malicious HTML files can be uploaded containing JavaScript payloads. These payloads...

CVE-2024-56507

LinkAce is a self-hosted archive to collect links of your favorite websites. Prior to 1.15.6, a reflected cross-site scripting XSS vulnerability exists in the LinkAce. This issue occurs in the "URL" field of the "Edit Link" module, where user input is not properly sanitized or encoded before bein...