33 matches found
CVE-2026-3268
A vulnerability was detected in psi-probe PSI Probe up to 5.3.0. The affected element is an unknown function of the file psi-probe-core/src/main/java/psiprobe/controllers/sessions/RemoveSessAttributeController.java of the component Session Attribute Handler. Performing a manipulation results in...
Incorrect Privilege Assignment
Overview Affected versions of this package are vulnerable to Incorrect Privilege Assignment in the Session Attribute Handler component. An attacker can modify or remove session attributes without proper authorization by sending crafted requests to the affected component. Remediation There is no...
EUVD-2026-8926
A vulnerability was detected in psi-probe PSI Probe up to 5.3.0. The affected element is an unknown function of the file psi-probe-core/src/main/java/psiprobe/controllers/sessions/RemoveSessAttributeController.java of the component Session Attribute Handler. Performing a manipulation results in...
CVE-2026-3268
A vulnerability was detected in psi-probe PSI Probe up to 5.3.0. The affected element is an unknown function of the file psi-probe-core/src/main/java/psiprobe/controllers/sessions/RemoveSessAttributeController.java of the component Session Attribute Handler. Performing a manipulation results in...
CVE-2026-3268
A vulnerability was detected in psi-probe PSI Probe up to 5.3.0. The affected element is an unknown function of the file psi-probe-core/src/main/java/psiprobe/controllers/sessions/RemoveSessAttributeController.java of the component Session Attribute Handler. Performing a manipulation results in...
CVE-2026-3268 psi-probe PSI Probe Session Attribute RemoveSessAttributeController.java access control
A vulnerability was detected in psi-probe PSI Probe up to 5.3.0. The affected element is an unknown function of the file psi-probe-core/src/main/java/psiprobe/controllers/sessions/RemoveSessAttributeController.java of the component Session Attribute Handler. Performing a manipulation results in...
CVE-2026-3268
CVE-2026-3268 affects psi-probe up to 5.3.0. The vulnerability is located in psi-probe-core/src/main/java/psiprobe/controllers/sessions/RemoveSessAttributeController.java (Session Attribute Handler) and is caused by a manipulation that leads to improper access controls. Attacks can be initiated r...
CVE-2026-3268
A vulnerability was detected in psi-probe PSI Probe up to 5.3.0. The affected element is an unknown function of the file psi-probe-core/src/main/java/psiprobe/controllers/sessions/RemoveSessAttributeController.java of the component Session Attribute Handler. Performing a manipulation results in...
CVE-2026-3268 psi-probe PSI Probe Session Attribute RemoveSessAttributeController.java access control
A vulnerability was detected in psi-probe PSI Probe up to 5.3.0. The affected element is an unknown function of the file psi-probe-core/src/main/java/psiprobe/controllers/sessions/RemoveSessAttributeController.java of the component Session Attribute Handler. Performing a manipulation results in...
PT-2026-22227
Name of the Vulnerable Software and Affected Versions PSI Probe versions up to 5.3.0 Description A flaw exists in PSI Probe that involves improper access controls. This issue is related to a function within the...
CVE-2025-67741
In JetBrains TeamCity before 2025.11 stored XSS was possible via session attribute...
EUVD-2025-202695
In JetBrains TeamCity before 2025.11 stored XSS was possible via session attribute...
CVE-2025-67741
In JetBrains TeamCity before 2025.11 stored XSS was possible via session attribute...
CVE-2025-67741
In JetBrains TeamCity before 2025.11 stored XSS was possible via session attribute...
CVE-2025-67741
In JetBrains TeamCity before 2025.11 stored XSS was possible via session attribute...
CVE-2025-67741
CVE-2025-67741 : JetBrains TeamCity versions before 2025.11 are affected by a stored XSS vulnerability via a session attribute. Root cause and impact are described in connected advisories; exploitation would involve injecting/script execution within the victim’s browser under the user’s context. ...
CVE-2025-67741
In JetBrains TeamCity before 2025.11 stored XSS was possible via session attribute...
PT-2025-50627
In JetBrains TeamCity before 2025.11 stored XSS was possible via session attribute...
CVE-2021-4461
Seeyon Zhiyuan OA Web Application System versions up to and including 7.0 SP1 improperly decode and parse the enc parameter in thirdpartyController.do. The decoded map values can influence session attributes without sufficient authentication/authorization checks, enabling attackers to assign a...
EUVD-2010-0634
Malware in sbrugna...