Lucene search
K

5 matches found

Cvelist
Cvelist
added 2025/12/30 12:0 a.m.24 views

CVE-2025-66824

A Stored Cross-Site Scripting XSS vulnerability exists in the Meeting location field of the Create/Edit Conference functionality in TrueConf Server v5.5.2.10813. The injected payload is stored via the meetingroom parameter and executed when users visit the Conference Info page, allowing attackers...

0.00261EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/12/30 12:0 a.m.11 views

TrueConf Server 安全漏洞

TrueConf Server is a self-hosted and secure video collaboration platform from the Russian company TrueConf. A security vulnerability exists in TrueConf Server version 5.5.2.10813, which stems from improper cleanup of user input in the Meeting Location field and could lead to a stored cross-site...

8.7CVSS5.6AI score0.00261EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/12/30 12:0 a.m.6 views

PT-2025-54215

Name of the Vulnerable Software and Affected Versions TrueConf Server version 5.5.2.10813 Description A Stored Cross-Site Scripting XSS issue exists in the Meeting location field within the Create/Edit Conference functionality. The issue is due to improper sanitization of user-supplied input in t...

8.7CVSS5.3AI score0.00261EPSS
Exploits1References7
CVE
CVE
added 2025/12/30 12:0 a.m.17 views

CVE-2025-66824

TrueConf Server v5.5.2.10813 is affected by a Stored XSS in the Meeting location field (Create/Edit Conference) where input in the meeting_room parameter is stored and executed on the Conference Info page, enabling full Account Takeover (ATO). Root cause: improper sanitization of user-supplied in...

8.7CVSS4.9AI score0.00261EPSS
Exploits1References2Affected Software1
Microsoft KB
Microsoft KB
added 1970/01/01 12:0 a.m.4 views

Security update 1970-01-01

...

5.3AI score
Exploits0
Rows per page
Query Builder