GO-2026-4552 Vikunja has Reflected HTML Injection via filter Parameter in its Projects Module in code.vikunja.io/api

Vikunja has Reflected HTML Injection via filter Parameter in its Projects Module in code.vikunja.io/api...

CVE-2026-27116

Vikunja is an open-source self-hosted task management platform. Prior to version 2.0.0, a reflected HTML injection vulnerability exists in the Projects module where the filter URL parameter is rendered into the DOM without output encoding when the user clicks "Filter." While...

CVE-2026-27116

Vikunja is an open-source self-hosted task management platform. Prior to version 2.0.0, a reflected HTML injection vulnerability exists in the Projects module where the filter URL parameter is rendered into the DOM without output encoding when the user clicks "Filter." While and are blocked, , ,...

EUVD-2026-8749

Vikunja has Reflected HTML Injection via filter Parameter in its Projects Module...

CVE-2026-27116 Vikunja has Reflected HTML Injection via filter Parameter in Projects Module

Vikunja is an open-source self-hosted task management platform. Prior to version 2.0.0, a reflected HTML injection vulnerability exists in the Projects module where the filter URL parameter is rendered into the DOM without output encoding when the user clicks "Filter." While and are blocked, , ,...

CVE-2026-27116

Vikunja has a reflected HTML injection in the Projects module prior to version 2.0.0: the URL parameter filter is rendered into the DOM without output encoding when clicking “Filter.” Scripts/iframes are blocked, but SVG, links, and formatting tags may render, enabling SVG-based phishing buttons,...

CVE-2026-27116 Vikunja has Reflected HTML Injection via filter Parameter in Projects Module

Vikunja is an open-source self-hosted task management platform. Prior to version 2.0.0, a reflected HTML injection vulnerability exists in the Projects module where the filter URL parameter is rendered into the DOM without output encoding when the user clicks "Filter." While and are blocked, , ,...

Vikunja 安全漏洞

Vikunja is an open-source to-do application developed by Vikunja developers. Versions of Vikunja prior to 2.0.0 contained security vulnerabilities. These vulnerabilities stemmed from the filter parameters in the Projects module being rendered into the DOM without proper encoding, which could lead...

dotproject 2.1.5 Xss / Sql Injection Vulnerabilities

Exploit for php platform in category web applications author: lemlajt software : dotproject version: 2.1.5 tested on: linux cve : PoC : http://localhost/www/cmsadmins/dotpro/dotproject/fileviewer.php?fileid=' in src: 2 ./dotproject/fileviewer.php:127 dbloadHash'SELECT FROM dotpfiles WHERE fileid ...