Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2026/03/27 5:33 a.m.4 views

CVE-2026-22743 Server-Side Request Forgery via Filter Expression Keys in Neo4jVectorStore

Spring AI's spring-ai-neo4j-store contains a Cypher injection vulnerability in Neo4jVectorFilterExpressionConverter. When a user-controlled string is passed as a filter expression key in Neo4jVectorFilterExpressionConverter of spring-ai-neo4j-store, doKey embeds the key into a backtick-delimited...

7.5CVSS5.9AI score0.0025EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/12/17 12:0 a.m.6 views

PT-2024-39041 · Unknown · Wifiburada

Name of the Vulnerable Software and Affected Versions: WiFiBurada versions prior to 1.0.5 Description: The issue is related to an authentication bypass by assumed-immutable data, allowing the manipulation of user-controlled variables. This can potentially be exploited to gain unauthorized access...

6.5CVSS7.7AI score0.00369EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/06/14 12:0 a.m.6 views

PT-2024-27812 · Ckeditor · Ckeditor Open Link Plugin

Name of the Vulnerable Software and Affected Versions: CKEditor Open Link plugin versions prior to 1.0.5 Description: The issue allows execution of JavaScript code by abusing the link href attribute. It affects users of the Open Link plugin. Recommendations: For versions prior to 1.0.5, update to...

6.1CVSS7.5AI score0.00856EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/02/21 12:0 a.m.3 views

PT-2023-16622 · Answerdev · Answer

Name of the Vulnerable Software and Affected Versions: answerdev/answer versions prior to 1.0.5 Description: The issue is related to Cross-site Scripting XSS - Stored, which affects the GitHub repository answerdev/answer. Cross-site Scripting XSS is a type of security vulnerability that occurs wh...

6.3CVSS6.2AI score0.00393EPSS
Exploits1References9
Rows per page
Query Builder