5 matches found
CVE-2026-34033
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. User-supplied content was included in notification emails without proper escaping, allowing authenticated users to inject arbitrary HTML int...
CVE-2025-59334 Linkr allows manifest tampering leading to arbitrary file injection
Linkr is a lightweight file delivery system that downloads files from a webserver. Linkr versions through 2.0.0 do not verify the integrity or authenticity of .linkr manifest files before using their contents, allowing a tampered manifest to inject arbitrary file entries into a package...
PT-2025-34801 · Firecrawl · Firecrawl
Name of the Vulnerable Software and Affected Versions: Firecrawl versions prior to 2.0.1 Description: Firecrawl is a tool that converts websites into LLM-ready markdown or structured data. A server-side request forgery SSRF vulnerability exists in the webhook functionality of Firecrawl...
GHSA-23C7-6444-399M Improper Input Validation in sopel-plugins.channelmgnt
Impact On some IRC servers, restrictions around the removal of the bot using the kick/kickban command could be bypassed when kicking multiple users at once. We also believe it may have been possible to remove users from other channels but due to the wonder that is IRC and following RfCs, We have ...
Cross Site Scripting Vulnerability in phpBB2's [IMG] tag and remote avatar
phpBB2 Cross Site Scripting Vulnerability -------------------------------------------- Affected Program: phpBB2 version 2.0.0 possibly earlier versions too, but not tested Vendor: http://www.phpbb.com Vendor Status: informed on 24/04/2002, fixed issued on 20/05/2002 Discovery Date: 24/04/2002...