Lucene search
K

548 matches found

ATTACKERKB
ATTACKERKB
added 2026/07/02 7:38 p.m.8 views

CVE-2026-58579

RAGFlow before 0.26.3 stores an agent pipeline DSL node name without sanitization: the agent update endpoint normalizes the submitted DSL via normalizedsl, which only performs JSON serialization validation and preserves the node name verbatim. The dataflow-result web UI then renders that name int...

5.4CVSS5.9AI score0.00182EPSS
Exploits0References6
OSV
OSV
added 2026/07/02 7:38 p.m.4 views

CVE-2026-58579 RAGFlow < 0.26.3 - Stored Cross-Site Scripting via Agent Pipeline Node Name

RAGFlow before 0.26.3 stores an agent pipeline DSL node name without sanitization: the agent update endpoint normalizes the submitted DSL via normalizedsl, which only performs JSON serialization validation and preserves the node name verbatim. The dataflow-result web UI then renders that name int...

5.1CVSS6.1AI score0.00182EPSS
Exploits0References8
NVD
NVD
added 2026/07/01 9:17 p.m.6 views

CVE-2026-55660

Tina is a headless content management system. In versions prior to @tinacms/app 2.5.6 and tinacms 3.9.3, cross-origin postMessage handlers and a rich-text URL-sanitization bypass enable stored XSS and session takeover. The library registers window message listeners — the useTina overlay handler,...

7.6CVSS0.00196EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/01 9:0 p.m.7 views

CVE-2026-55660

Tina is a headless content management system. In versions prior to @tinacms/app 2.5.6 and tinacms 3.9.3, cross-origin postMessage handlers and a rich-text URL-sanitization bypass enable stored XSS and session takeover. The library registers window message listeners — the useTina overlay handler,...

7.6CVSS5.7AI score0.00196EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2026/07/01 9:0 p.m.37 views

CVE-2026-55660 TinaCMS: Cross-origin postMessage handlers and rich-text URL-sanitization bypass enable stored XSS and session takeover

Tina is a headless content management system. In versions prior to @tinacms/app 2.5.6 and tinacms 3.9.3, cross-origin postMessage handlers and a rich-text URL-sanitization bypass enable stored XSS and session takeover. The library registers window message listeners — the useTina overlay handler,...

7.6CVSS0.00196EPSS
Exploits0References2
CVE
CVE
added 2026/07/01 9:0 p.m.31 views

CVE-2026-55660

CVE-2026-55660 : TinaCMS and Tinacms app prior to versions 2.5.6 / 3.9.3 allow cross-origin postMessage abuse due to window message listeners that do not validate event.origin/source and post to non-specific origins, combined with insufficient URL sanitization in rich-text content. This enables s...

7.6CVSS5.7AI score0.00196EPSS
Exploits0References2
OSV
OSV
added 2026/07/01 1:45 p.m.3 views

CVE-2026-13602 Session takeover vulnerability

We found a chain of combining multiple weaknesses in the product that could allow an attacker to become any user in the backend and access any data: The payment integration plugins Stripe included in the core system, pretix-mollie, pretix-oppwa, pretix-bitpay, pretix-payone, pretix-secuconnect,...

9.4CVSS6AI score0.00239EPSS
Exploits0References12
NVD
NVD
added 2026/06/26 8:17 p.m.7 views

CVE-2026-44733

OpenProject is open-source, web-based project management software. Prior to 17.3.2 and 17.4.0, Business Logic Error on OpenProject through PATCH request to /api/v3/users/me permits to bypass password requirements. A password validation flaw in the change password behavior allows attackers to chan...

5.9CVSS0.00175EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/26 7:47 p.m.8 views

CVE-2026-44733

OpenProject is open-source, web-based project management software. Prior to 17.3.2 and 17.4.0, Business Logic Error on OpenProject through PATCH request to /api/v3/users/me permits to bypass password requirements. A password validation flaw in the change password behavior allows attackers to chan...

5.9CVSS5.8AI score0.00175EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/26 7:47 p.m.12 views

CVE-2026-44733

CVE-2026-44733 affects OpenProject (open-source, web-based project management software). Before versions 17.3.2 and 17.4.0 , a Business Logic Error via PATCH to /api/v3/users/me could bypass password requirements. A password validation flaw in the change-password flow allowed password changes onl...

5.9CVSS5.8AI score0.00175EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.7 views

PT-2026-52902

Name of the Vulnerable Software and Affected Versions OpenProject versions prior to 17.3.2 OpenProject versions prior to 17.4.0 Description A business logic error exists in the password change behavior. This flaw allows an attacker who has achieved an active session takeover to bypass password...

5.9CVSS5.8AI score0.00175EPSS
Exploits0References6
NVD
NVD
added 2026/06/23 6:18 p.m.10 views

CVE-2026-53662

immich is a high performance self-hosted photo and video management solution. From commit 4ffa26c9 until 4eb1003, a reflected cross-site scripting XSS vulnerability on the /auth/login page allows an attacker to fully compromise any authenticated user's account with a single link click. The contin...

9.6CVSS0.00235EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.15 views

PT-2026-51576

Name of the Vulnerable Software and Affected Versions immich versions 4ffa26c9 through 4eb1003 Description A reflected cross-site scripting XSS issue exists on the '/auth/login' page. The continue query parameter is processed by SvelteKit's redirect function without proper scheme or origin...

9.6CVSS6AI score0.00235EPSS
Exploits0References6
OSV
OSV
added 2026/06/20 6:27 p.m.3 views

CVE-2026-56345 AVideo - Arbitrary User Session Hijacking via Meet Plugin uploadRecordedVideo Endpoint

AVideo through 29.0 contains an authorization bypass vulnerability in the Meet plugin's uploadRecordedVideo.json.php endpoint that derives the target usersid from the uploaded filename without verification. An attacker with knowledge of the Meet shared secret can craft a malicious file upload wit...

9.2CVSS6.1AI score0.00295EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/06/19 9:15 p.m.6 views

TinaCMS: Cross-origin postMessage handlers and rich-text URL-sanitization bypass enable stored XSS and session takeover

TinaCMS registers window message listeners — the useTina overlay handler, the OAuth authentication popup handler, and the admin↔preview iframe GraphQL reducer — that act on event.data without verifying event.origin or event.source, and post messages using non-specific target origins. A page the...

7.6CVSS5.8AI score0.00196EPSS
Exploits0References3Affected Software2
Patchstack
Patchstack
added 2026/06/19 9:15 p.m.7 views

NPM: TinaCMS: Cross-origin postMessage handlers and rich-text URL-sanitization bypass enable stored XSS and session takeover

NPM: TinaCMS: Cross-origin postMessage handlers and rich-text URL-sanitization bypass enable stored XSS and session takeover vulnerability discovered by ? in WordPress Npm tinacms versions 3.9.3...

7.6CVSS5.8AI score0.00196EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/10 9:0 p.m.10 views

CVE-2026-34693

Adobe Experience Manager Forms JEE versions LTS SP1, 6.5.24.0 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. An attacker could exploit this vulnerability to inject malicious scripts into a web page, potentially gaining elevated access or control over the victim's...

8CVSS5.5AI score0.00206EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-41839

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A WebFlux application with a compromised subdomain for example, compromised via cross-site scripting XSS is vulnerable to an escalation attack exchanging a know...

4.2CVSS5.4AI score0.00197EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/27 6:30 p.m.21 views

EUVD-2026-32627

RELATE is a web-based courseware package. Versions prior to commit 555f0efb1c5bd7531c07cd73724d7e566a81f620 have a stored cross-site scripting vulnerability that allows any enrolled student to execute arbitrary JavaScript in an administrator's browser session, potentially leading to full admin...

8.7CVSS5.9AI score0.0031EPSS
Exploits0References3
CVE
CVE
added 2026/05/27 6:30 p.m.26 views

CVE-2026-42197

CVE-2026-42197 affects RELATE, a web-based courseware package. Versions prior to commit 555f0efb1c5bd7531c07cd73724d7e566a81f620 are vulnerable to a stored XSS via an unprivileged user profile. The vulnerability arises in the get_user() method of ParticipationAdmin, which renders user-controlled ...

8.7CVSS5.9AI score0.0031EPSS
Exploits0References3
Rows per page
Query Builder