Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:20 p.m.10 views

CVE-2026-41200

STIG Manager is an API and web client for managing Security Technical Implementation Guides STIG assessments of Information Systems. Versions 1.5.10 through 1.6.7 have a reflected Cross-Site Scripting XSS vulnerability in the OIDC authentication error handling code in src/init.js and...

8.5CVSS6AI score0.00332EPSS
Exploits1References1
GithubExploit
GithubExploit
added 2026/05/02 5:49 a.m.88 views

Exploit for CVE-2026-41200

CVE-2026-41200 — STIG Manager OIDC Reflected XSS PoC Conceptu...

8.5CVSS6.1AI score0.00332EPSS
Exploits1
NVD
NVD
added 2026/04/23 2:16 a.m.7 views

CVE-2026-41200

STIG Manager is an API and web client for managing Security Technical Implementation Guides STIG assessments of Information Systems. Versions 1.5.10 through 1.6.7 have a reflected Cross-Site Scripting XSS vulnerability in the OIDC authentication error handling code in src/init.js and...

8.5CVSS0.00332EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/04/23 12:40 a.m.5 views

CVE-2026-41200

STIG Manager is an API and web client for managing Security Technical Implementation Guides STIG assessments of Information Systems. Versions 1.5.10 through 1.6.7 have a reflected Cross-Site Scripting XSS vulnerability in the OIDC authentication error handling code in src/init.js and...

8.5CVSS6.1AI score0.00332EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2026/04/23 12:40 a.m.7 views

EUVD-2026-25158

STIG Manager is an API and web client for managing Security Technical Implementation Guides STIG assessments of Information Systems. Versions 1.5.10 through 1.6.7 have a reflected Cross-Site Scripting XSS vulnerability in the OIDC authentication error handling code in src/init.js and...

8.5CVSS6.1AI score0.00332EPSS
Exploits1References1
OSV
OSV
added 2026/04/23 12:40 a.m.3 views

CVE-2026-41200 STIG Manager has reflected XSS vulnerability in the Web App

STIG Manager is an API and web client for managing Security Technical Implementation Guides STIG assessments of Information Systems. Versions 1.5.10 through 1.6.7 have a reflected Cross-Site Scripting XSS vulnerability in the OIDC authentication error handling code in src/init.js and...

8.5CVSS6.2AI score0.00332EPSS
Exploits1References3
CVE
CVE
added 2026/04/23 12:40 a.m.20 views

CVE-2026-41200

STIG Manager versions 1.5.10–1.6.7 contain a reflected XSS in OIDC error handling (src/init.js, public/reauth.html) where error and error_description are written to the DOM via innerHTML without escaping. An attacker who composes a malicious redirect URL can cause JavaScript to run in the victim’...

8.5CVSS6.1AI score0.00332EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/04/23 12:0 a.m.10 views

STIG Manager 跨站脚本漏洞

STIG Manager is an information security compliance assessment management tool open source by NUWCDIVNPT. Versions 1.5.10 to 1.6.7 of STIG Manager have a cross-site scripting vulnerability. This vulnerability stems from improper handling of OIDC authentication errors, where innerHTML is written...

8.5CVSS5.6AI score0.00332EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/04/23 12:0 a.m.6 views

PT-2026-34595

STIG Manager is an API and web client for managing Security Technical Implementation Guides STIG assessments of Information Systems. Versions 1.5.10 through 1.6.7 have a reflected Cross-Site Scripting XSS vulnerability in the OIDC authentication error handling code in src/init.js and...

8.5CVSS6.1AI score0.00332EPSS
Exploits1References2
Rows per page
Query Builder