155 matches found
CVE-2025-66823
An HTML Injection vulnerability in TrueConf server 5.5.2.10813 in the conference description field allows an attacker to inject arbitrary HTML in the Create/Edit conference functionality. The payload will be triggered when the victim opens the Conference Info page conference url/info...
CVE-2025-66834
A CSV Formula Injection vulnerability in TrueConf Server v5.5.2.10813 allows a normal user to inject malicious spreadsheet formulas into exported chat logs via crafted Display Name...
EUVD-2025-205848
An HTML Injection vulnerability in TrueConf server 5.5.2.10813 in the conference description field allows an attacker to inject arbitrary HTML in the Create/Edit conference functionality. The payload will be triggered when the victim opens the Conference Info page conference url/info...
EUVD-2025-205839
A CSV Formula Injection vulnerability in TrueConf Server v5.5.2.10813 allows a normal user to inject malicious spreadsheet formulas into exported chat logs via crafted Display Name...
EUVD-2025-205838
A Stored Cross-Site Scripting XSS vulnerability exists in the Meeting location field of the Create/Edit Conference functionality in TrueConf Server v5.5.2.10813. The injected payload is stored via the meetingroom parameter and executed when users visit the Conference Info page, allowing attackers...
CVE-2025-66823
An HTML Injection vulnerability in TrueConf server 5.5.2.10813 in the conference description field allows an attacker to inject arbitrary HTML in the Create/Edit conference functionality. The payload will be triggered when the victim opens the Conference Info page conference url/info...
CVE-2025-66823
An HTML Injection vulnerability in TrueConf server 5.5.2.10813 in the conference description field allows an attacker to inject arbitrary HTML in the Create/Edit conference functionality. The payload will be triggered when the victim opens the Conference Info page conference url/info...
CVE-2025-66824
A Stored Cross-Site Scripting XSS vulnerability exists in the Meeting location field of the Create/Edit Conference functionality in TrueConf Server v5.5.2.10813. The injected payload is stored via the meetingroom parameter and executed when users visit the Conference Info page, allowing attackers...
CVE-2025-66824
A Stored Cross-Site Scripting XSS vulnerability exists in the Meeting location field of the Create/Edit Conference functionality in TrueConf Server v5.5.2.10813. The injected payload is stored via the meetingroom parameter and executed when users visit the Conference Info page, allowing attackers...
CVE-2025-66834
A CSV Formula Injection vulnerability in TrueConf Server v5.5.2.10813 allows a normal user to inject malicious spreadsheet formulas into exported chat logs via crafted Display Name...
CVE-2025-66834
A CSV Formula Injection vulnerability in TrueConf Server v5.5.2.10813 allows a normal user to inject malicious spreadsheet formulas into exported chat logs via crafted Display Name...
CVE-2025-66823
An HTML Injection vulnerability in TrueConf server 5.5.2.10813 in the conference description field allows an attacker to inject arbitrary HTML in the Create/Edit conference functionality. The payload will be triggered when the victim opens the Conference Info page conference url/info...
CVE-2025-66824
A Stored Cross-Site Scripting XSS vulnerability exists in the Meeting location field of the Create/Edit Conference functionality in TrueConf Server v5.5.2.10813. The injected payload is stored via the meetingroom parameter and executed when users visit the Conference Info page, allowing attackers...
CVE-2025-66834
A CSV Formula Injection vulnerability in TrueConf Server v5.5.2.10813 allows a normal user to inject malicious spreadsheet formulas into exported chat logs via crafted Display Name...
TrueConf Server 安全漏洞
TrueConf Server is a self-hosted and secure video collaboration platform from the Russian company TrueConf. A security vulnerability exists in TrueConf Server version 5.5.2.10813, which stems from a vulnerability that allows injection of malicious spreadsheet formulas via specially crafted displa...
TrueConf Server 安全漏洞
TrueConf Server is a self-hosted and secure video collaboration platform from the Russian company TrueConf. A security vulnerability exists in TrueConf server version 5.5.2.10813, which stems from the presence of HTML injection in the meeting description field, which could lead to the injection o...
PT-2025-54221
Name of the Vulnerable Software and Affected Versions TrueConf versions 5.5.2.10813 Description A flaw exists in TrueConf server version 5.5.2.10813 that allows for the injection of arbitrary HTML code through the conference description field. This issue is present in the Create/Edit conference...
TrueConf Server 安全漏洞
TrueConf Server is a self-hosted and secure video collaboration platform from the Russian company TrueConf. A security vulnerability exists in TrueConf Server version 5.5.2.10813, which stems from improper cleanup of user input in the Meeting Location field and could lead to a stored cross-site...
CVE-2025-66834
A CSV Formula Injection vulnerability in TrueConf Server v5.5.2.10813 allows a normal user to inject malicious spreadsheet formulas into exported chat logs via crafted Display Name...
CVE-2025-66824
A Stored Cross-Site Scripting XSS vulnerability exists in the Meeting location field of the Create/Edit Conference functionality in TrueConf Server v5.5.2.10813. The injected payload is stored via the meetingroom parameter and executed when users visit the Conference Info page, allowing attackers...