CVE-2026-32276

Connect-CMS is a content management system. In versions on the 1.x series up to and including 1.41.0 and versions on the 2.x series up to and including 2.41.0, an authenticated user may be able to execute arbitrary code in the Code Study Plugin. Versions 1.41.1 and 2.41.1 contain a patch...

CVE-2026-32300

Connect-CMS is a content management system. In versions on the 1.x series up to and including 1.41.0 and versions on the 2.x series up to and including 2.41.0, an improper authorization issue in the My Page profile update feature may allow modification of arbitrary user information. Versions 1.41...

CVE-2024-51989 Cross-site Scripting (XSS) Vulnerability in PasswordPusher

Password Pusher is an open source application to communicate sensitive information over the web. A cross-site scripting XSS vulnerability was identified in the PasswordPusher application, affecting versions v1.41.1 through and including v.1.48.0. The issue arises from an un-sanitized parameter...

uBlock 跨站脚本漏洞

uBlock is an open source ad blocker. A security vulnerability exists in uBlock versions prior to 1.41.1, which can be exploited by a remote attacker to run arbitrary code into the browser rendering process via "MessageSender.url"...