Lucene search
K

5 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/23 4:47 p.m.6 views

CVE-2026-54011

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6,Open WebUI renders Mermaid blocks from Markdown files in the file preview panel and inserts the generated SVG into the DOM using innerHTML. Because Mermaid is configured with...

8.7CVSS6AI score0.002EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/03/06 4:33 p.m.4 views

CVE-2026-29082 Kestra: Stored Cross-Site Scripting in Markdown File Preview

Kestra is an event-driven orchestration platform. In versions from 1.1.10 and prior, Kestra’s execution-file preview renders user-supplied Markdown .md with markdown-it instantiated as html:true and injects the resulting HTML with Vue’s v-html without sanitisation. At time of publication, there a...

7.3CVSS5.8AI score0.00232EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2024/08/30 10:5 a.m.3 views

SUSE CVE-2024-43805

jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. This vulnerability depends on user interaction by opening a malicious notebook with Markdown cells, or Markdown file using JupyterLab preview feature. A malicious user c...

7.6CVSS7.1AI score0.00373EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/08/28 12:0 a.m.9 views

PT-2024-30672

Name of the Vulnerable Software and Affected Versions JupyterLab versions prior to 3.6.8 JupyterLab versions prior to 4.2.5 Jupyter Notebook versions prior to 7.2.2 Description This issue depends on user interaction by opening a malicious notebook with Markdown cells, or Markdown file using...

8.8CVSS6.8AI score0.00373EPSS
Exploits0References29
CNNVD
CNNVD
added 2022/02/14 12:0 a.m.5 views

K-Box 跨站脚本漏洞

K-Box is a web-based application used to manage document, image, video and geographic data. A cross-site scripting vulnerability exists in K-Box, which stems from the fact that the editors of the product's user document summaries and markdown file previews do not securely handle special character...

6.1CVSS5.4AI score0.00475EPSS
Exploits0References3
Rows per page
Query Builder