
5 matches found

RedhatCVE
added 2025/05/22 3:19 p.m. · 13 views

CVE-2020-2173

Jenkins Gatling Plugin 1.2.7 and earlier prevents Content-Security-Policy headers from being set for Gatling reports served by the plugin, resulting in an XSS vulnerability exploitable by users able to change report content...

CVSS 5.4 · AI score 6 · EPSS 0.00705
Exploits: 0
NVD
added 2025/04/26 9:15 p.m. · 22 views

CVE-2025-46655

CodiMD through 2.5.4 has a CSP-based protection mechanism against XSS through uploaded SVG documents containing JavaScript, but it can be bypassed in certain cases of different-origin file storage, such as AWS S3. NOTE: it can be considered a user error if AWS is employed for hosting untrusted...

CVSS 4.9 · EPSS 0.00202
Exploits: 0 · References: 2
Hacker One
added 2024/05/22 7:33 p.m. · 8 views

Glassdoor: Cross-Site Leakage of Review Ownership via Navigation Detection

A vulnerability allowed detection of user login status by exploiting differences in Cross-Origin-Opener-Policy (COOP) headers between authenticated and unauthenticated states on the website. The issue was addressed by implementing consistent COOP headers across all domains...

AI score 5.9
Exploits: 0
OSV
added 2024/05/03 3:15 a.m. · 5 views

CVE-2023-38125

Softing edgeAggregator Permissive Cross-domain Policy with Untrusted Domains Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing edgeAggregator. Authentication is required to exploit this vulnerability. The...

CVSS 8.8 · AI score 5.7
Exploits: 0 · References: 1
Positive Technologies
added 2023/08/09 12:0 a.m. · 4 views

PT-2023-4656 · Softing · Softing Edgeaggregator

Name of the Vulnerable Software and Affected Versions: Softing edgeAggregator affected versions not specified

Description: The issue is related to the lack of protection for the web page structure in Softing edgeAggregator, allowing remote attackers to execute arbitrary code with root privileges...

CVSS 8.8 · AI score 7.8 · EPSS 0.01063
Exploits: 0 · References: 5