Cross-site Scripting (XSS)

Overview craftcms/cms is a content management system. Affected versions of this package are vulnerable to Cross-site Scripting XSS in the rendering process of user group names on the user permissions page. An attacker can execute arbitrary JavaScript code in the context of another user's browser...

CVE-2025-11672

Uniweb/SoliPACS WebServer developed by EBM Technologies has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to access a specific page to obtain user group names...

CVE-2025-11672

Uniweb/SoliPACS WebServer developed by EBM Technologies has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to access a specific page to obtain user group names...

CVE-2025-11672 EBM Technologies｜Uniweb/SoliPACS WebServer - Missing Authentication

Uniweb/SoliPACS WebServer developed by EBM Technologies has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to access a specific page to obtain user group names...

CVE-2025-11672 EBM Technologies｜Uniweb/SoliPACS WebServer - Missing Authentication

Uniweb/SoliPACS WebServer developed by EBM Technologies has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to access a specific page to obtain user group names...

PT-2025-41772

Name of the Vulnerable Software and Affected Versions Uniweb/SoliPACS WebServer versions affected versions not specified Description The Uniweb/SoliPACS WebServer developed by EBM Technologies has a missing authentication control. This allows unauthenticated remote attackers to access a specific...