Postorius 跨站脚本漏洞

Postorius is an open-source web application developed by GNU Mailman for managing email lists. Versions of Postorius 1.3.13 and earlier contained a cross-site scripting vulnerability. This vulnerability stemmed from the lack of escaping of HTML in the message titles when these titles were rendere...

CVE-2021-47737

CSZ CMS 1.2.7 contains an HTML injection vulnerability that allows authenticated users to insert malicious hyperlinks in message titles. Attackers can craft POST requests to the member messaging system with HTML-based links to potentially conduct phishing or social engineering attacks...

CVE-2021-47737

CSZ CMS 1.2.7 contains an HTML injection vulnerability that allows authenticated users to insert malicious hyperlinks in message titles. Attackers can craft POST requests to the member messaging system with HTML-based links to potentially conduct phishing or social engineering attacks...

CVE-2021-47737

CSZ CMS 1.2.7 contains an HTML injection vulnerability that allows authenticated users to insert malicious hyperlinks in message titles. Attackers can craft POST requests to the member messaging system with HTML-based links to potentially conduct phishing or social engineering attacks...

CVE-2021-47737

CSZ CMS 1.2.7 exposes an HTML injection vulnerability in the member messaging system. The issue allows authenticated users to inject HTML hyperlinks into message titles by crafting POST requests to the member dashboard, enabling potential phishing or social engineering. Impact is limited to HTML ...

CVE-2021-47737 CSZ CMS 1.2.7 HTML Injection Vulnerability via Member Dashboard

CSZ CMS 1.2.7 contains an HTML injection vulnerability that allows authenticated users to insert malicious hyperlinks in message titles. Attackers can craft POST requests to the member messaging system with HTML-based links to potentially conduct phishing or social engineering attacks...

PT-2025-52837

Name of the Vulnerable Software and Affected Versions CSZ CMS version 1.2.7 Description An HTML injection issue exists in CSZ CMS that permits authenticated users to inject malicious hyperlinks into message titles. Attackers can create POST requests to the member messaging system using HTML-based...

EUVD-2005-2229

Malware in sbrugna...

Discourse 信息泄露漏洞

Discourse is an open source community discussion platform from Discourse Open Source. The platform includes features such as communities, email, and chat rooms. Discourse suffers from an information disclosure vulnerability that stems from the fact that when the option to allow PM tags for groups...

PostBoard 2.0 Topic Title Script Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4561/info PostBoard is a freely available, open source message board module for the PostNuke content management system. It is designed for use on the Unix and Linux operating systems. PostBoard does not adequately sanitiz...

DEBIAN-CVE-2009-0359

Multiple cross-site scripting XSS vulnerabilities in Samizdat before 0.6.2 allow remote authenticated users to inject arbitrary web script or HTML via the 1 message title or 2 user full name...

CVE-2005-2228

Web Wiz Forums 7.9 and 8.0 are affected by a vulnerability that allows remote attackers to view message titles of a hidden forum. The referenced CVE-2005-2228 entry notes network-based access with low attack complexity and no authentication, yielding partial confidentiality impact. No explicit ex...

CVE-2005-2228

Web Wiz Forums 7.9 and 8.0 allows remote attackers to view message titles of a hidden forum...