19 matches found
CVE-2026-26377
Cross Site Scripting vulnerability in Koha 25.11 and before allows a remote attacker to execute arbitrary code via the News function...
EUVD-2026-9824
Cross Site Scripting vulnerability in Koha 25.11 and before allows a remote attacker to execute arbitrary code via the News function...
CVE-2026-26377
Cross Site Scripting vulnerability in Koha 25.11 and before allows a remote attacker to execute arbitrary code via the News function...
CVE-2026-26377
Cross Site Scripting vulnerability in Koha 25.11 and before allows a remote attacker to execute arbitrary code via the News function...
CVE-2026-26377
Cross Site Scripting vulnerability in Koha 25.11 and before allows a remote attacker to execute arbitrary code via the News function...
PT-2026-23454
Name of the Vulnerable Software and Affected Versions Koha versions 25.11 and earlier Description A Cross Site Scripting issue exists in Koha. A remote attacker may be able to execute arbitrary code through the News function. The issue allows for the injection of malicious scripts into web pages...
CVE-2026-26377
Cross Site Scripting vulnerability in Koha 25.11 and before allows a remote attacker to execute arbitrary code via the News function...
CVE-2026-26377
The vulnerability described for CVE-2026-26377 affects Koha 25.11 and earlier, with a Cross Site Scripting flaw in the News function. This could let a remote attacker influence the application and potentially execute arbitrary code. The description does not provide specific affected components be...
CVE-2026-26377
Cross Site Scripting vulnerability in Koha 25.11 and before allows a remote attacker to execute arbitrary code via the News function...
YiiCMS Cross-Site Scripting Vulnerability
YiiCMS is an enterprise website system developed with yii2. A cross-site scripting XSS vulnerability exists in YiiCMS version 1.0. An attacker can exploit this vulnerability to execute arbitrary code via the news function...
YiiCMS Cross Site Scripting vulnerability
Cross Site Scripting vulnerability in YiiCMS v.1.2.0 and prior allows a remote attacker to execute arbitrary code via the news function...
GHSA-GQR4-CVF4-3957 YiiCMS Cross Site Scripting vulnerability
Cross Site Scripting vulnerability in YiiCMS v.1.2.0 and prior allows a remote attacker to execute arbitrary code via the news function...
CVE-2020-21246
Cross Site Scripting vulnerability in YiiCMS v.1.0 allows a remote attacker to execute arbitrary code via the news function...
CVE-2020-21246
Cross Site Scripting vulnerability in YiiCMS v.1.0 allows a remote attacker to execute arbitrary code via the news function...
Cross site scripting
Cross Site Scripting vulnerability in YiiCMS v.1.0 allows a remote attacker to execute arbitrary code via the news function...
CVE-2020-21246
YiiCMS contains a Cross-Site Scripting vulnerability in version 1.0 (and affecting 1.2.0 and prior) where a malicious user can exploit the NEWS function to execute arbitrary code. The issue is documented across multiple sources (NVD entry CVE-2020-21246, CNVD, GHSA, OSV, GitHub advisories, Red Ha...
PT-2023-11579 · Yiicms · Yiicms
Name of the Vulnerable Software and Affected Versions: YiiCMS versions 1.2.0 and prior YiiCMS version 1.0 Description: The issue allows a remote attacker to execute arbitrary code via the news function, which is affected by a Cross Site Scripting vulnerability. Recommendations: For YiiCMS version...
CVE-2020-21246
Cross Site Scripting vulnerability in YiiCMS v.1.0 allows a remote attacker to execute arbitrary code via the news function...
YiiCMS 跨站脚本漏洞
YiiCMS is an enterprise website system developed with yii2. A cross-site scripting XSS vulnerability exists in YiiCMS version 1.0. An attacker can exploit this vulnerability to execute arbitrary code via the news function...