Lucene search
K

143 matches found

Cvelist
Cvelist
added 2025/08/29 11:18 a.m.7 views

CVE-2025-40709 Cross-Site Scripting (XSS) vulnerability in OpenAtlas by ACDH-CH

Cross-Site Scripting XSS vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage ACDH-CH, due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an...

5.1CVSS0.00201EPSS
Exploits0References2
CVE
CVE
added 2025/08/29 11:18 a.m.18 views

CVE-2025-40709

OpenAtlas v8.9.0 is affected by a Cross-Site Scripting (XSS) vulnerability due to inadequate validation of user input in POST requests to /insert/person/, specifically the name and alias-0 parameters. The issue could allow a remote, authenticated attacker to craft queries that steal session cooki...

5.4CVSS5.5AI score0.00201EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/08/29 11:18 a.m.1 views

CVE-2025-40709 Cross-Site Scripting (XSS) vulnerability in OpenAtlas by ACDH-CH

Cross-Site Scripting XSS vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage ACDH-CH, due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an...

5.1CVSS5.5AI score0.00201EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/29 11:18 a.m.2 views

CVE-2025-40708 Cross-Site Scripting (XSS) vulnerability in OpenAtlas by ACDH-CH

Cross-Site Scripting XSS vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage ACDH-CH, due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an...

5.1CVSS5.5AI score0.00201EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/29 11:18 a.m.6 views

CVE-2025-40708 Cross-Site Scripting (XSS) vulnerability in OpenAtlas by ACDH-CH

Cross-Site Scripting XSS vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage ACDH-CH, due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an...

5.1CVSS0.00201EPSS
Exploits0References2
CVE
CVE
added 2025/08/29 11:18 a.m.20 views

CVE-2025-40708

OpenAtlas v8.9.0 is affected by a Cross-Site Scripting (XSS) flaw triggered by insufficient validation of the name field in the POST /insert/event API. An attacker could craft queries to an authenticated user and potentially steal session cookie details. The issue is corroborated by multiple sour...

5.4CVSS5.5AI score0.00201EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/08/29 11:17 a.m.5 views

CVE-2025-40707 Cross-Site Scripting (XSS) vulnerability in OpenAtlas by ACDH-CH

Cross-Site Scripting XSS vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage ACDH-CH, due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an...

5.1CVSS0.00201EPSS
Exploits0References2
CVE
CVE
added 2025/08/29 11:17 a.m.15 views

CVE-2025-40707

OpenAtlas v8.9.0 contains a Cross-Site Scripting (XSS) flaw due to inadequate validation of POST input. The vulnerability affects the /insert/place endpoint, specifically the name and alias-0 parameters, enabling a remote attacker to craft queries that could steal session cookie details from an a...

5.4CVSS5.5AI score0.00201EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/08/29 11:17 a.m.1 views

CVE-2025-40707 Cross-Site Scripting (XSS) vulnerability in OpenAtlas by ACDH-CH

Cross-Site Scripting XSS vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage ACDH-CH, due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an...

5.1CVSS5.5AI score0.00201EPSS
Exploits0References2
CVE
CVE
added 2025/08/29 11:17 a.m.21 views

CVE-2025-40706

The CVE-2025-40706 entry concerns OpenAtlas v8.9.0 (ACDH-CH). Affects the OpenAtlas insert/source endpoint where the POST parameter name is inadequately validated, enabling Cross-Site Scripting (XSS). The vulnerability could allow a remote attacker to craft requests to an authenticated user and s...

5.4CVSS5.5AI score0.00201EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/08/29 11:17 a.m.5 views

CVE-2025-40706 Cross-Site Scripting (XSS) vulnerability in OpenAtlas by ACDH-CH

Cross-Site Scripting XSS vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage ACDH-CH, due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an...

5.1CVSS0.00201EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/29 11:17 a.m.1 views

CVE-2025-40706 Cross-Site Scripting (XSS) vulnerability in OpenAtlas by ACDH-CH

Cross-Site Scripting XSS vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage ACDH-CH, due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an...

5.1CVSS5.5AI score0.00201EPSS
Exploits0References2
CVE
CVE
added 2025/08/29 11:17 a.m.20 views

CVE-2025-40705

OpenAtlas 8.9.0 is affected by a Cross-Site Scripting (XSS) vulnerability caused by inadequate validation of user input in a POST to /insert/acquisition (name parameter). This could allow a remote attacker to craft queries that are processed for an authenticated user, potentially exfiltrating ses...

5.4CVSS5.5AI score0.00201EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/08/29 11:17 a.m.1 views

CVE-2025-40705 Cross-Site Scripting (XSS) vulnerability in OpenAtlas by ACDH-CH

Cross-Site Scripting XSS vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage ACDH-CH, due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an...

5.1CVSS5.5AI score0.00201EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/29 11:17 a.m.5 views

CVE-2025-40705 Cross-Site Scripting (XSS) vulnerability in OpenAtlas by ACDH-CH

Cross-Site Scripting XSS vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage ACDH-CH, due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an...

5.1CVSS0.00201EPSS
Exploits0References2
CVE
CVE
added 2025/08/29 11:17 a.m.16 views

CVE-2025-40704

The CVE-2025-40704 entry concerns OpenAtlas v8.9.0 (ACDH-CH). Affected component is the POST /insert/edition endpoint, with the vulnerability due to inadequate validation of the name parameter in user input. This can allow a remote attacker to craft queries that reach an authenticated user and po...

5.4CVSS5.5AI score0.00201EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/08/29 11:17 a.m.5 views

CVE-2025-40704 Cross-Site Scripting (XSS) vulnerability in OpenAtlas by ACDH-CH

Cross-Site Scripting XSS vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage ACDH-CH, due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an...

5.1CVSS0.00201EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/29 11:17 a.m.1 views

CVE-2025-40704 Cross-Site Scripting (XSS) vulnerability in OpenAtlas by ACDH-CH

Cross-Site Scripting XSS vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage ACDH-CH, due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an...

5.1CVSS5.5AI score0.00201EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/29 11:16 a.m.4 views

CVE-2025-40703 Cross-Site Scripting (XSS) vulnerability in OpenAtlas by ACDH-CH

Cross-Site Scripting XSS vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage ACDH-CH, due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an...

5.1CVSS0.00201EPSS
Exploits0References2
CVE
CVE
added 2025/08/29 11:16 a.m.15 views

CVE-2025-40703

CVE-2025-40703 describes a Cross-Site Scripting (XSS) vulnerability in OpenAtlas v8.9.0 (ACDH-CH). The issue arises from inadequate validation of user input in a POST request to the “/insert/group” endpoint, specifically the parameters “name” and “alias-0”. A remote attacker could craft inputs to...

5.4CVSS5.5AI score0.00201EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder