36088 matches found
GHSA-2XM2-23FF-P8WW Formie has XSS vulnerability for email notification content for preview
Impact It is possible to inject malicious code into the HTML content of an email notification, which is then rendered on the preview. There is no issue when rendering the email via normal means a delivered email. This would require access to the form's email notification settings. Patches This ha...
Formie has XSS vulnerability for email notification content for preview
Impact It is possible to inject malicious code into the HTML content of an email notification, which is then rendered on the preview. There is no issue when rendering the email via normal means a delivered email. This would require access to the form's email notification settings. Patches This ha...
CVE-2025-32547
Cross-Site Request Forgery CSRF vulnerability in gtlwpdev All push notification for WP all-push-notification allows Blind SQL Injection.This issue affects All push notification for WP: from n/a through = 1.5.3...
CVE-2025-31354
Subnet Solutions PowerSYSTEM Center's SMTPS notification service can be affected by importing an EC certificate with crafted F2m parameters, which can lead to excessive CPU consumption during the evaluation of the curve parameters...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the HTML content of email notification settings. An attacker can inject malicious scripts by crafting malicious inputs that are rendered in the preview mode. Note: This is only exploitable if the attacker ha...
CVE-2025-32426 Formie has a XSS vulnerability for email notification content for preview
Formie is a Craft CMS plugin for creating forms. Prior to version 2.1.44, it is possible to inject malicious code into the HTML content of an email notification, which is then rendered on the preview. There is no issue when rendering the email via normal means a delivered email. This would requir...
CVE-2025-32426 Formie has a XSS vulnerability for email notification content for preview
Formie is a Craft CMS plugin for creating forms. Prior to version 2.1.44, it is possible to inject malicious code into the HTML content of an email notification, which is then rendered on the preview. There is no issue when rendering the email via normal means a delivered email. This would requir...
expresodeoriente.com.ar Cross Site Scripting vulnerability OBB-4043613
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
stb-web.de Cross Site Scripting vulnerability OBB-4043558
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
test4u.eu Cross Site Scripting vulnerability OBB-4043556
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
marvel-auto.com.tw Cross Site Scripting vulnerability OBB-4043550
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
reuzenhuis.be Cross Site Scripting vulnerability OBB-4043547
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
messmittel-exakt.de Cross Site Scripting vulnerability OBB-4043504
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
kaizers.konzertjunkie.de Cross Site Scripting vulnerability OBB-4043458
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
weingutbaecker.de Cross Site Scripting vulnerability OBB-4043433
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
90shome.com Cross Site Scripting vulnerability OBB-4043285
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
gamweb.com Cross Site Scripting vulnerability OBB-4043261
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
equipmentrentaldirect.com Cross Site Scripting vulnerability OBB-4043176
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
[SECURITY] Fedora 41 Update: zabbix-7.0.11-1.fc41
Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers...
PT-2025-16128 · Subnet Solutions · Subnet Solutions Powersystem Center
Name of the Vulnerable Software and Affected Versions: Subnet Solutions PowerSYSTEM Center affected versions not specified Description: The issue arises when an EC certificate with crafted F2m parameters is imported, affecting the SMTPS notification service. This can lead to excessive CPU...