Lucene search
+L

223 matches found

nuclei
nuclei
added yesterday17 views

Astro - Unauthorized Third-Party Image Access

Astro 5.13.2 and 4.16.18 contains an information disclosure vulnerability caused by improper validation of protocol-relative URLs in the image optimization endpoint, letting attackers serve images from unauthorized third-party domains, exploit requires on-demand rendering deployment. id:...

6.9CVSS6.1AI score0.00594EPSS
Exploits1References2
osv
osv
added 2026/07/09 12:55 p.m.3 views

OESA-2026-2968 rubygem-faraday security update

HTTP/REST API client library Security Fixes: Faraday is an HTTP client library abstraction layer that provides a common interface over many adapters. Prior to 2.14.1, Faraday's buildexclusiveurl method in lib/faraday/connection.rb uses Ruby's URImerge to combine the connection's base URL with a...

7.5CVSS6.2AI score0.00391EPSS
Exploits1References3
osv
osv
added 2026/07/09 12:54 p.m.7 views

OESA-2026-2967 rubygem-faraday security update

HTTP/REST API client library Security Fixes: Faraday is an HTTP client library abstraction layer that provides a common interface over many adapters. Prior to 2.14.1, Faraday's buildexclusiveurl method in lib/faraday/connection.rb uses Ruby's URImerge to combine the connection's base URL with a...

7.5CVSS6.2AI score0.00391EPSS
Exploits1References3
osv
osv
added 2026/07/06 6:25 a.m.6 views

OESA-2026-2802 rubygem-faraday security update

HTTP/REST API client library Security Fixes: Faraday is an HTTP client library abstraction layer that provides a common interface over many adapters. Prior to 2.14.1, Faraday's buildexclusiveurl method in lib/faraday/connection.rb uses Ruby's URImerge to combine the connection's base URL with a...

7.5CVSS6.1AI score0.00391EPSS
Exploits1References3
nvd
nvd
added 2026/06/23 9:16 p.m.8 views

CVE-2026-47377

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the client-side hashRedirect plugin called window.location.replace on a path extracted from the URL hash fragment after only checking hashPath.startsWith'/'. Protocol-relative URLs //attacker.com/… also satisfy that...

5.1CVSS0.00239EPSS
Exploits0References1
euvd
euvd
added 2026/06/23 12:30 a.m.12 views

EUVD-2026-38378

Nuxt versions 4.0.0 before 4.4.7 and 3.x before 3.21.7 accept protocol-relative paths such as //evil.com in the reloadNuxtApp function; these pass the script-protocol check but resolve to a cross-origin URL against the current page protocol. Attackers can inject paths like //evil.com to redirect...

6.1CVSS5.9AI score0.00191EPSS
Exploits0References5
nvd
nvd
added 2026/06/22 10:16 p.m.9 views

CVE-2026-56697

Nuxt versions 4.0.0 before 4.4.7 and 3.x before 3.21.7 accept protocol-relative paths such as //evil.com in the reloadNuxtApp function; these pass the script-protocol check but resolve to a cross-origin URL against the current page protocol. Attackers can inject paths like //evil.com to redirect...

6.1CVSS0.00191EPSS
Exploits0References4
cvelist
cvelist
added 2026/06/22 9:4 p.m.23 views

CVE-2026-56697 Nuxt - Open Redirect via Protocol-Relative Paths in reloadNuxtApp

Nuxt versions 4.0.0 before 4.4.7 and 3.x before 3.21.7 accept protocol-relative paths such as //evil.com in the reloadNuxtApp function; these pass the script-protocol check but resolve to a cross-origin URL against the current page protocol. Attackers can inject paths like //evil.com to redirect...

6.1CVSS0.00191EPSS
Exploits0References4
cve
cve
added 2026/06/22 9:4 p.m.16 views

CVE-2026-56697

Nuxt security note: Nuxt versions 4.0.0–4.4.6 and 3.x before 3.21.7 are affected by an open redirect in the reloadNuxtApp function. Protocol-relative paths like //evil.com pass the script-protocol check but resolve to a cross-origin URL against the current page protocol, enabling attackers to red...

6.1CVSS5.9AI score0.00191EPSS
Exploits0References4Affected Software1
attackerkb
attackerkb
added 2026/06/22 9:4 p.m.4 views

CVE-2026-56697

Nuxt versions 4.0.0 before 4.4.7 and 3.x before 3.21.7 accept protocol-relative paths such as //evil.com in the reloadNuxtApp function; these pass the script-protocol check but resolve to a cross-origin URL against the current page protocol. Attackers can inject paths like //evil.com to redirect...

6.1CVSS5.9AI score0.00191EPSS
Exploits0References5Affected Software1
osv
osv
added 2026/06/22 9:4 p.m.4 views

CVE-2026-56697 Nuxt - Open Redirect via Protocol-Relative Paths in reloadNuxtApp

Nuxt versions 4.0.0 before 4.4.7 and 3.x before 3.21.7 accept protocol-relative paths such as //evil.com in the reloadNuxtApp function; these pass the script-protocol check but resolve to a cross-origin URL against the current page protocol. Attackers can inject paths like //evil.com to redirect...

5.3CVSS6AI score0.00234EPSS
Exploits0References6
ptsecurity
ptsecurity
added 2026/06/22 12:0 a.m.18 views

PT-2026-51416

Name of the Vulnerable Software and Affected Versions Nuxt versions 3.x prior to 3.21.7 Nuxt versions 4.0.0 through 4.4.6 Description The reloadNuxtApp function accepts protocol-relative paths, such as //evil.com. These paths bypass the script-protocol check and resolve to a cross-origin URL base...

6.1CVSS5.8AI score0.00191EPSS
Exploits0References8
redhatcve
redhatcve
added 2026/06/18 6:42 p.m.9 views

CVE-2026-40181

A flaw was found in React Router. This vulnerability allows a remote attacker to redirect users to an external, potentially malicious, website. This occurs when specially crafted URLs, containing paths starting with //, are passed to the redirect function, causing them to be misinterpreted as...

8.7CVSS5.3AI score0.00162EPSS
Exploits0References4
nessus
nessus
added 2026/06/18 12:0 a.m.10 views

Siemens RUGGEDCOM RST2428P Insertion of Sensitive Information Into Sent Data (CVE-2025-66035)

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential...

7.7CVSS6.3AI score0.00584EPSS
Exploits0References4
github
github
added 2026/06/16 1:47 p.m.12 views

Nuxt: URL-handling weaknesses in `navigateTo` and `reloadNuxtApp`: SSR open redirect, client-side script execution via the `open` option, and protocol-relative bypass in `reloadNuxtApp`

Summary Three weaknesses in Nuxt's client-navigation URL handling, all reachable from documented public APIs navigateTo and reloadNuxtApp: 1. SSR open redirect in navigateTo via path-normalisation bypass. navigateTo decided whether a target was external by inspecting the raw input with...

6.1CVSS5.6AI score0.00205EPSS
Exploits0References10Affected Software1
patchstack
patchstack
added 2026/06/16 1:47 p.m.14 views

NPM: Nuxt: URL-handling weaknesses in `navigateTo` and `reloadNuxtApp`: SSR open redirect, client-side script execution via the `open` option, and protocol-relative bypass in `reloadNuxtApp`

NPM: Nuxt: URL-handling weaknesses in navigateTo and reloadNuxtApp: SSR open redirect, client-side script execution via the open option, and protocol-relative bypass in reloadNuxtApp vulnerability discovered by ? in WordPress Npm nuxt versions 3.21.7...

6.1CVSS6AI score0.00205EPSS
Exploits0References10Affected Software1
nvd
nvd
added 2026/06/10 6:16 p.m.19 views

CVE-2026-20256

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the 'admin' or 'power' Splunk roles could cause data exfiltration through classic...

5.7CVSS0.00252EPSS
Exploits0References1
cve
cve
added 2026/06/10 5:15 p.m.20 views

CVE-2026-20256

Splunk Enterprise (versions < 10.2.4, 10.0.7, 9.4.12, 9.3.13) and Splunk Cloud Platform (versions

5.7CVSS5.4AI score0.00252EPSS
Exploits0References1Affected Software1
euvd
euvd
added 2026/06/10 5:15 p.m.12 views

EUVD-2026-36080

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the 'admin' or 'power' Splunk roles could cause data exfiltration through classic...

5.7CVSS5.4AI score0.00252EPSS
Exploits0References1
cvelist
cvelist
added 2026/06/10 5:15 p.m.31 views

CVE-2026-20256 Improper Input Validation through Protocol-Relative URL in Classic Dashboards in Splunk Enterprise

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the 'admin' or 'power' Splunk roles could cause data exfiltration through classic...

5.7CVSS0.00252EPSS
Exploits0References1
Rows per page
Query Builder