Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

RedhatCVE
RedhatCVEadded 2026/06/05 7:26 p.m.5 views

CVE-2026-48559

Lightweight Music Server LMS though 3.76.0 contains a stored cross-site scripting vulnerability that allows attackers to execute arbitrary JavaScript by embedding malicious HTML in media file metadata tags such as GENRE, ARTIST, or ALBUM. Attackers can introduce a crafted media file into the...

5.4CVSS5.5AI score0.00171EPSS
Exploits1References1
CVE
CVEadded 2026/06/01 1:15 p.m.16 views

CVE-2026-48559

CVE-2026-48559 affects Lightweight Music Server (LMS) up to version 3.76.0. The vulnerability is a stored cross-site scripting (XSS) that lets an attacker cause JavaScript execution in the web interface by embedding malicious HTML in media file metadata fields (GENRE, ARTIST, ALBUM). The payload ...

5.4CVSS5.9AI score0.00171EPSS
Exploits1References4
CNNVD
CNNVDadded 2026/06/01 12:0 a.m.9 views

Lightweight Music Server 跨站脚本漏洞

Lightweight Music Server is a self-hosted music streaming service developed by Emeric POUPON. Versions of Lightweight Music Server 3.76.0 and earlier contained a cross-site scripting vulnerability. This vulnerability stemmed from stored-xss attacks, allowing attackers to execute arbitrary...

5.4CVSS5.5AI score0.00171EPSS
Exploits1References4
SUSE CVE
SUSE CVEadded 2023/07/19 2:2 a.m.4 views

SUSE CVE-2023-37259

matrix-react-sdk is a react-based SDK for inserting a Matrix chat/voip client into a web page. The Export Chat feature includes certain attacker-controlled elements in the generated document without sufficient escaping, leading to stored Cross site scripting XSS. Since the Export Chat feature...

6.1CVSS6AI score0.00448EPSS
Exploits0References3
Prion
Prionadded 2023/07/18 5:15 p.m.15 views

Cross site scripting

matrix-react-sdk is a react-based SDK for inserting a Matrix chat/voip client into a web page. The Export Chat feature includes certain attacker-controlled elements in the generated document without sufficient escaping, leading to stored Cross site scripting XSS. Since the Export Chat feature...

4.9CVSS5AI score0.00448EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2023/07/18 4:59 p.m.30 views

CVE-2023-37259 Cross site scripting in Export Chat feature

matrix-react-sdk is a react-based SDK for inserting a Matrix chat/voip client into a web page. The Export Chat feature includes certain attacker-controlled elements in the generated document without sufficient escaping, leading to stored Cross site scripting XSS. Since the Export Chat feature...

6.1CVSS6AI score0.00448EPSS
Exploits0References2
CNNVD
CNNVDadded 2023/07/18 12:0 a.m.3 views

matrix-react-sdk 跨站脚本漏洞

matrix-react-sdk is a Matrix open source component for inserting the Matrix chat/voip client into web pages. A cross-site scripting vulnerability exists in matrix-react-sdk versions 3.32.0 through 3.76.0, which stems from the Export Chat feature containing certain attacker-controlled elements in...

6.1CVSS5.3AI score0.00448EPSS
Exploits0References3
Rows per page
Query Builder