Lucene search
K

17435 matches found

NVD
NVD
added yesterday6 views

CVE-2026-31981

A Stored HTML Injection vulnerability was discovered in the Diagram tab and Graph view due to a shared input validation function being insufficiently restrictive. An authenticated user with administrative privileges can inject malicious HTML tags into N2OS configuration data through multiple inpu...

5.9CVSS
Exploits0References1
NVD
NVD
added yesterday7 views

CVE-2026-31982

An Open Redirect vulnerability was discovered in the SAML Single Sign-On functionality due to insufficient validation of a user-controlled redirection parameter. An unauthenticated attacker can craft a request to the SAML sign-in endpoint and poison the cached SAML redirection for other users who...

7.1CVSS
Exploits0References1
Cvelist
Cvelist
added yesterday9 views

CVE-2026-31982 Open Redirect in SAML Single Sign-On in Guardian/CMC before 26.2.0

An Open Redirect vulnerability was discovered in the SAML Single Sign-On functionality due to insufficient validation of a user-controlled redirection parameter. An unauthenticated attacker can craft a request to the SAML sign-in endpoint and poison the cached SAML redirection for other users who...

7.1CVSS
Exploits0References1
CVE
CVE
added yesterday7 views

CVE-2026-31982

The connected records identify CVE-2026-31982 as an Open Redirect vulnerability in SAML Single Sign-On affecting Guardian/CMC prior to version 26.2.0. The root cause is insufficient validation of a user-controlled redirection parameter in the SAML sign-in endpoint, enabling an unauthenticated att...

7.1CVSS6AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-31982

An Open Redirect vulnerability was discovered in the SAML Single Sign-On functionality due to insufficient validation of a user-controlled redirection parameter. An unauthenticated attacker can craft a request to the SAML sign-in endpoint and poison the cached SAML redirection for other users who...

7.1CVSS6AI score
Exploits0References2
EUVD
EUVD
added yesterday5 views

EUVD-2026-42532

An Open Redirect vulnerability was discovered in the SAML Single Sign-On functionality due to insufficient validation of a user-controlled redirection parameter. An unauthenticated attacker can craft a request to the SAML sign-in endpoint and poison the cached SAML redirection for other users who...

7.1CVSS6AI score
Exploits0References1
Cvelist
Cvelist
added yesterday10 views

CVE-2026-31981 HTML injection in Diagram tab and Graph view in Guardian/CMC before 26.2.0

A Stored HTML Injection vulnerability was discovered in the Diagram tab and Graph view due to a shared input validation function being insufficiently restrictive. An authenticated user with administrative privileges can inject malicious HTML tags into N2OS configuration data through multiple inpu...

5.9CVSS
Exploits0References1
EUVD
EUVD
added yesterday5 views

EUVD-2026-42531

A Stored HTML Injection vulnerability was discovered in the Diagram tab and Graph view due to a shared input validation function being insufficiently restrictive. An authenticated user with administrative privileges can inject malicious HTML tags into N2OS configuration data through multiple inpu...

5.9CVSS6AI score
Exploits0References1
Nuclei
Nuclei
added yesterday60 views

Gradio - Open Redirect

Gradio allows an open redirect bypass via URL encoding, enabling attackers to redirect users to malicious sites. This can lead to phishing attacks and loss of trust in the application. id: CVE-2024-8021 info: name: Gradio - Open Redirect author: DhiyaneshDK severity: medium description: | Gradio...

6.1CVSS6.1AI score0.00723EPSS
Exploits1References1
Nuclei
Nuclei
added yesterday1016 views

Moodle LTI module Reflected - Cross-Site Scripting

A reflected XSS issue was identified in the LTI module of Moodle. The vulnerability exists due to insufficient sanitization of user-supplied data in the LTI module. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's brows...

6.1CVSS6.5AI score0.03747EPSS
Exploits0References5
Nuclei
Nuclei
added yesterday86 views

Stable Diffusion Webui 1.10.0 - Open Redirect

An open redirect vulnerability exists in Stable-Diffusion-Webui 1.10.0, where the file parameter in the /file= endpoint can be manipulated to redirect users to malicious websites. This could facilitate phishing attacks by tricking users into visiting attacker-controlled URLs. id: CVE-2024-11044...

6.1CVSS6.4AI score0.00816EPSS
Exploits1References1
Nuclei
Nuclei
added yesterday147 views

Odoo <= 8.0-20160726 & 9.0 - Open Redirect

An Open Redirect vulnerability in Odoo versions = 8.0-20160726 and 9.0. This issue allows an attacker to redirect users to untrusted sites via a crafted URL. id: CVE-2017-5871 info: name: Odoo = 8.0-20160726 & 9.0 - Open Redirect author: 1337rokudenashi severity: medium description: | An Open...

5.8CVSS6.2AI score0.02676EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday52 views

Gradio - Open Redirect

An open redirect vulnerability exists in the gradio-app/gradio, affecting the latest version. The vulnerability allows an attacker to redirect users to arbitrary websites, which can be exploited for phishing attacks, Cross-site Scripting XSS, Server-Side Request Forgery SSRF, amongst others. This...

6.1CVSS6.2AI score0.01021EPSS
Exploits1References1
Nuclei
Nuclei
added yesterday71 views

EyouCMS 1.5.4 Open Redirect

EyouCMS 1.5.4 is vulnerable to an Open Redirect vulnerability. An attacker can redirect a user to a malicious url via the Logout function. id: CVE-2021-39501 info: name: EyouCMS 1.5.4 Open Redirect author: 0xAkoko severity: medium description: EyouCMS 1.5.4 is vulnerable to an Open Redirect...

6.1CVSS6.5AI score0.03604EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday52 views

Noptin < 1.6.5 - Open Redirect

Noptin 1.6.5 is susceptible to an open redirect vulnerability. The plugin does not validate the "to" parameter before redirecting the user to its given value, leading to an open redirect issue. id: CVE-2021-25033 info: name: Noptin 1.6.5 - Open Redirect author: dhiyaneshDk severity: medium...

6.1CVSS6.4AI score0.02682EPSS
Exploits2References4
Nuclei
Nuclei
added yesterday69 views

Rudloff alltube prior to 3.0.1 - Open Redirect

An open redirect vulnerability exists in Rudloff/alltube that could let an attacker construct a URL within the application that causes redirection to an arbitrary external domain via Packagist in versions prior to 3.0.1. id: CVE-2022-0692 info: name: Rudloff alltube prior to 3.0.1 - Open Redirect...

6.1CVSS6.1AI score0.03378EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday68 views

Uncanny Toolkit for LearnDash - Open Redirection

A vulnerability in the WordPress Uncanny Toolkit for LearnDash Plugin allowed malicious actors to redirect users, posing a potential risk of phishing incidents. The issue has been resolved in version 3.6.4.4, and users are urged to update for security. id: CVE-2023-34020 info: name: Uncanny Toolk...

6.1CVSS7.1AI score0.00963EPSS
Exploits0References3
Nuclei
Nuclei
added yesterday48 views

GPT Academic v1.3.9 - Open Redirect

An open redirect vulnerability exists in GPT Academic v1.3.9, where the file parameter in the /file= endpoint can be manipulated to redirect users to malicious websites. This could facilitate phishing attacks by tricking users into visiting attacker-controlled URLs. id: CVE-2024-10812 info: name:...

6.1CVSS6.4AI score0.00574EPSS
Exploits1References1
Nuclei
Nuclei
added yesterday116 views

ServiceNow - Cross-site Scripting

A XSS vulnerability was identified in the ServiceNow UI page assessmentredirect. To exploit this vulnerability, an attacker would need to persuade an authenticated user to click a maliciously crafted URL. Successful exploitation potentially could be used to conduct various client-side attacks,...

6.1CVSS6.4AI score0.01089EPSS
Exploits0References4
Nuclei
Nuclei
added yesterday80 views

TikiWiki CMS Groupware v8.3 - Open Redirect

tiki-featuredlink.php in TikiWiki CMS/Groupware 8.3 allows remote attackers to load arbitrary web site pages into frames and conduct phishing attacks via the url parameter, aka "frame injection id: CVE-2012-5321 info: name: TikiWiki CMS Groupware v8.3 - Open Redirect author: ctflearner severity:...

5.8CVSS5.9AI score0.1291EPSS
Exploits1References4
Rows per page
Query Builder