Lucene search
K

6 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/03 12:25 a.m.3 views

CVE-2025-11261

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Language/mediawiki.Language.Js. This issue affects MediaWiki: from before 1.39.15,...

5.2AI score0.00225EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/03 12:25 a.m.26 views

CVE-2025-11261 Stored i18n XSS exposed by security patch for T402077

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Language/mediawiki.Language.Js. This issue affects MediaWiki: from before 1.39.15,...

0.00225EPSS
Exploits0References2
EUVD
EUVD
added 2026/02/03 12:25 a.m.4 views

EUVD-2025-206639

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Language/mediawiki.Language.Js. This issue affects MediaWiki: from before 1.39.15,...

5.3AI score0.00225EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/07/04 2:37 p.m.3 views

SUSE CVE-2025-49011

SpiceDB is an open source database for storing and querying fine-grained authorization data. Prior to version 1.44.2, on schemas involving arrows with caveats on the arrow'ed relation, when the path to resolve a CheckPermission request involves the evaluation of multiple caveated branches, reques...

5.3CVSS6.6AI score0.00266EPSS
Exploits0References2
Snyk
Snyk
added 2025/06/06 6:42 p.m.1 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization due to the evaluation of multiple caveated branches in the schema. An attacker can receive a NOPERMISSION response when a HASPERMISSION response is expected by exploiting the incorrect handling of caveats in...

5.3CVSS7AI score0.00266EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/06 5:36 p.m.10 views

CVE-2025-49011 SpiceDB checks involving relations with caveats can result in no permission when permission is expected

SpiceDB is an open source database for storing and querying fine-grained authorization data. Prior to version 1.44.2, on schemas involving arrows with caveats on the arrow’ed relation, when the path to resolve a CheckPermission request involves the evaluation of multiple caveated branches, reques...

3.7CVSS4.5AI score0.00266EPSS
Exploits0References3
Rows per page
Query Builder