115 matches found
CVE-2025-67291
A stored cross-site scripting XSS vulnerability in the Media module of Piranha CMS v12.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name field...
Cross-site Scripting (XSS)
Overview piranha is an a complete rewrite of Piranha CMS for .NET Core. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Name field in the Media module. An attacker can execute arbitrary web scripts or HTML by injecting crafted payloads. Details Cross-site...
GHSA-83FP-HH9M-C2JQ Piranha has stored cross-site scripting (XSS) vulnerability
A stored cross-site scripting XSS vulnerability in the Media module of Piranha CMS v12.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name field...
Piranha has stored cross-site scripting (XSS) vulnerability
A stored cross-site scripting XSS vulnerability in the Media module of Piranha CMS v12.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name field...
CVE-2025-67291
A stored cross-site scripting XSS vulnerability in the Media module of Piranha CMS v12.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name field...
CVE-2025-67291
A stored cross-site scripting XSS vulnerability in the Media module of Piranha CMS v12.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name field...
CVE-2025-67291
CVE-2025-67291 affects Piranha CMS, Media module in version 12.1. The vulnerability is a stored XSS: an attacker can inject a crafted payload into the Name field, leading to execution of arbitrary web scripts/HTML in a user’s browser. Documents from multiple sources (NVD, Red Hat, OSV) confirm th...
CVE-2025-67291
A stored cross-site scripting XSS vulnerability in the Media module of Piranha CMS v12.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name field...
CVE-2025-67291
A stored cross-site scripting XSS vulnerability in the Media module of Piranha CMS v12.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name field...
PT-2025-52685
Name of the Vulnerable Software and Affected Versions Piranha CMS version 12.1 Description A stored cross-site scripting XSS issue exists in the Media module. An attacker can inject a crafted payload into the Name field to execute arbitrary web scripts or HTML. Recommendations At the moment, ther...
Google Chrome on Windows Media Module Improperly Implemented Vulnerability
Google Chrome on Windows is a web browser developed by Google Inc. that supports Windows 10 and later systems and provides a fast and secure web browsing experience. Google Chrome on Windows suffers from a Media module misimplementation vulnerability, which can be exploited by attackers to...
Huawei HarmonyOS media module privilege control vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A privilege control vulnerability exists in the Huawei HarmonyOS media module, which can be exploited by an attacker to compromise the confidentiality of a...
CVE-2025-58285
Permission control vulnerability in the media module. Successful exploitation of this vulnerability may affect service confidentiality...
EUVD-2025-33807
Permission control vulnerability in the media module. Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2025-58285
Permission control vulnerability in the media module. Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2025-58285
Permission control vulnerability in the media module. Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2025-58285
Permission control vulnerability in the media module. Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2025-58285
CVE-2025-58285 maps to Huawei HarmonyOS media module privilege control vulnerability. Affected component: HarmonyOS media module; root cause described as a privilege/permission control issue leading to potential service confidentiality leakage. Impact: confidentiality of the service may be affect...
CVE-2025-58285
Permission control vulnerability in the media module. Successful exploitation of this vulnerability may affect service confidentiality...
PT-2025-41637
Name of the Vulnerable Software and Affected Versions versions prior to 2025 affected versions not specified Description A permission control issue exists in the media module. Successful exploitation could impact the confidentiality of the service. Recommendations At the moment, there is no...