143 matches found
CVE-2025-40709 Cross-Site Scripting (XSS) vulnerability in OpenAtlas by ACDH-CH
Cross-Site Scripting XSS vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage ACDH-CH, due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an...
CVE-2025-40709
OpenAtlas v8.9.0 is affected by a Cross-Site Scripting (XSS) vulnerability due to inadequate validation of user input in POST requests to /insert/person/, specifically the name and alias-0 parameters. The issue could allow a remote, authenticated attacker to craft queries that steal session cooki...
CVE-2025-40709 Cross-Site Scripting (XSS) vulnerability in OpenAtlas by ACDH-CH
Cross-Site Scripting XSS vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage ACDH-CH, due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an...
CVE-2025-40708 Cross-Site Scripting (XSS) vulnerability in OpenAtlas by ACDH-CH
Cross-Site Scripting XSS vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage ACDH-CH, due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an...
CVE-2025-40708 Cross-Site Scripting (XSS) vulnerability in OpenAtlas by ACDH-CH
Cross-Site Scripting XSS vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage ACDH-CH, due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an...
CVE-2025-40708
OpenAtlas v8.9.0 is affected by a Cross-Site Scripting (XSS) flaw triggered by insufficient validation of the name field in the POST /insert/event API. An attacker could craft queries to an authenticated user and potentially steal session cookie details. The issue is corroborated by multiple sour...
CVE-2025-40707 Cross-Site Scripting (XSS) vulnerability in OpenAtlas by ACDH-CH
Cross-Site Scripting XSS vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage ACDH-CH, due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an...
CVE-2025-40707
OpenAtlas v8.9.0 contains a Cross-Site Scripting (XSS) flaw due to inadequate validation of POST input. The vulnerability affects the /insert/place endpoint, specifically the name and alias-0 parameters, enabling a remote attacker to craft queries that could steal session cookie details from an a...
CVE-2025-40707 Cross-Site Scripting (XSS) vulnerability in OpenAtlas by ACDH-CH
Cross-Site Scripting XSS vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage ACDH-CH, due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an...
CVE-2025-40706
The CVE-2025-40706 entry concerns OpenAtlas v8.9.0 (ACDH-CH). Affects the OpenAtlas insert/source endpoint where the POST parameter name is inadequately validated, enabling Cross-Site Scripting (XSS). The vulnerability could allow a remote attacker to craft requests to an authenticated user and s...
CVE-2025-40706 Cross-Site Scripting (XSS) vulnerability in OpenAtlas by ACDH-CH
Cross-Site Scripting XSS vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage ACDH-CH, due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an...
CVE-2025-40706 Cross-Site Scripting (XSS) vulnerability in OpenAtlas by ACDH-CH
Cross-Site Scripting XSS vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage ACDH-CH, due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an...
CVE-2025-40705
OpenAtlas 8.9.0 is affected by a Cross-Site Scripting (XSS) vulnerability caused by inadequate validation of user input in a POST to /insert/acquisition (name parameter). This could allow a remote attacker to craft queries that are processed for an authenticated user, potentially exfiltrating ses...
CVE-2025-40705 Cross-Site Scripting (XSS) vulnerability in OpenAtlas by ACDH-CH
Cross-Site Scripting XSS vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage ACDH-CH, due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an...
CVE-2025-40705 Cross-Site Scripting (XSS) vulnerability in OpenAtlas by ACDH-CH
Cross-Site Scripting XSS vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage ACDH-CH, due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an...
CVE-2025-40704
The CVE-2025-40704 entry concerns OpenAtlas v8.9.0 (ACDH-CH). Affected component is the POST /insert/edition endpoint, with the vulnerability due to inadequate validation of the name parameter in user input. This can allow a remote attacker to craft queries that reach an authenticated user and po...
CVE-2025-40704 Cross-Site Scripting (XSS) vulnerability in OpenAtlas by ACDH-CH
Cross-Site Scripting XSS vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage ACDH-CH, due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an...
CVE-2025-40704 Cross-Site Scripting (XSS) vulnerability in OpenAtlas by ACDH-CH
Cross-Site Scripting XSS vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage ACDH-CH, due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an...
CVE-2025-40703 Cross-Site Scripting (XSS) vulnerability in OpenAtlas by ACDH-CH
Cross-Site Scripting XSS vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage ACDH-CH, due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an...
CVE-2025-40703
CVE-2025-40703 describes a Cross-Site Scripting (XSS) vulnerability in OpenAtlas v8.9.0 (ACDH-CH). The issue arises from inadequate validation of user input in a POST request to the “/insert/group” endpoint, specifically the parameters “name” and “alias-0”. A remote attacker could craft inputs to...