16 matches found
SUSE CVE-2026-21483
listmonk is a standalone, self-hosted, newsletter and mailing list manager. Prior to version 6.0.0, lower-privileged user with campaign management permissions can inject malicious JavaScript into campaigns or templates. When a higher-privileged user Super Admin views or previews this content, the...
CVE-2026-21483
listmonk is a standalone, self-hosted, newsletter and mailing list manager. Prior to version 6.0.0, lower-privileged user with campaign management permissions can inject malicious JavaScript into campaigns or templates. When a higher-privileged user Super Admin views or previews this content, the...
listmonk Vulnerable to Stored XSS Leading to Admin Account Takeover
Security Advisory: Stored XSS Leading to Admin Account Takeover Affected Versions: ≤ 5.1.0 Vulnerability Type: CWE-79: Stored Cross-Site Scripting --- Summary A lower-privileged user with campaign management permissions can inject malicious JavaScript into campaigns or templates. When a...
CVE-2026-21483
listmonk is a standalone, self-hosted, newsletter and mailing list manager. Prior to version 6.0.0, lower-privileged user with campaign management permissions can inject malicious JavaScript into campaigns or templates. When a higher-privileged user Super Admin views or previews this content, the...
CVE-2026-21483 listmonk Vulnerable to Stored XSS Leading to Admin Account Takeover
listmonk is a standalone, self-hosted, newsletter and mailing list manager. Prior to version 6.0.0, lower-privileged user with campaign management permissions can inject malicious JavaScript into campaigns or templates. When a higher-privileged user Super Admin views or previews this content, the...
CVE-2026-21483
CVE-2026-21483 affects listmonk prior to 6.0.0. A lower-privileged user with campaign-management permissions can inject malicious JavaScript into campaigns or templates. When a Super Admin views or previews the content, a stored XSS executes in the admin’s browser context, enabling actions such a...
EUVD-2026-0751
listmonk is a standalone, self-hosted, newsletter and mailing list manager. Prior to version 6.0.0, lower-privileged user with campaign management permissions can inject malicious JavaScript into campaigns or templates. When a higher-privileged user Super Admin views or previews this content, the...
CVE-2026-21483 listmonk Vulnerable to Stored XSS Leading to Admin Account Takeover
listmonk is a standalone, self-hosted, newsletter and mailing list manager. Prior to version 6.0.0, lower-privileged user with campaign management permissions can inject malicious JavaScript into campaigns or templates. When a higher-privileged user Super Admin views or previews this content, the...
PT-2026-1133
Name of the Vulnerable Software and Affected Versions listmonk versions prior to 6.0.0 Description listmonk is a self-hosted newsletter and mailing list manager. A user with campaign management permissions, but lower privileges, can inject malicious JavaScript into campaigns or templates. When a...
Exploit for CVE-2025-65409
VulnerabilityDisclosures Personal vulnerability advisories a...
CVE-Disclosures
CVE-Disclosures This repository, "CVE Disclosures", serves as...
exploitdb
The Exploit Database Git Repository This is an official repository of The Exploit Database, a project sponsored by Offensive Security. Our repositories are: - Exploits & Shellcodes: https://github.com/offensive-security/exploitdb - Binary Exploits:...
Twitter Disrupts Wide-Ranging Political Disinformation Campaigns
Twitter has taken down three separate nation-sponsored influence operations, attributed to the People’s Republic of China PRC, Russia and Turkey. Collectively the operations consisted of 32,242 bogus or bot accounts generating the content and various amplifier accounts that retweeted it. “Every...
exploitdb
The Exploit Database Git Repository This is an official repository of The Exploit Database, a project sponsored by Offensive Security. Our repositories are: - Exploits & Shellcodes: https://github.com/offensive-security/exploitdb - Binary Exploits:...
mailman security and bug fix update
3:2.1.12-25 - fix CVE-2002-0389 - local users able to read private mailing list archives 3:2.1.12-24 - fix CVE-2015-2775 - directory traversal in MTA transports 3:2.1.12-23 - fix 1095359 - handle update when some mailing lists have been created by newer Mailman than this one 3:2.1.12-22 - fix...
Aconon Mail 2004 Remote Directory Traversal Vulnerability
No description provided by source. Application: acononR Mail Affected versions: probably all known, tested against 2007 Enterprise SQL 11.7.0 and 2004 Enterprise SQL 11.5.1 Affected plattforms: every, Aconon runs at Win32, Linux, Solaris ... Exploitation: remote Description: Aconon Mail is a...