Lucene search
K

4 matches found

OSV
OSV
added 2026/01/19 6:35 p.m.7 views

CVE-2026-23841 Movary vulnerable to Cross-site Scripting with `?categoryCreated=` param

Movary is a web application to track, rate and explore your movie watch history. Due to insufficient input validation, attackers can trigger cross-site scripting payloads in versions prior to 0.70.0. The vulnerable parameter is ?categoryCreated=. Version 0.70.0 fixes the issue...

9.3CVSS5.1AI score0.00222EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/01/19 6:32 p.m.2 views

CVE-2026-23840

Movary is a web application to track, rate and explore your movie watch history. Due to insufficient input validation, attackers can trigger cross-site scripting payloads in versions prior to 0.70.0. The vulnerable parameter is ?categoryDeleted=. Version 0.70.0 fixes the issue...

9.3CVSS5AI score0.00247EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2026/01/19 6:27 p.m.22 views

CVE-2026-23839

CVE-2026-23839 affects Movary, a web application to track and rate movie watch history. The issue arises from insufficient input validation that enables cross-site scripting via the vulnerable parameter ?categoryUpdated= in versions prior to 0.70.0. Version 0.70.0 fixes the issue. References from...

9.3CVSS5AI score0.00265EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/01/19 6:27 p.m.20 views

CVE-2026-23839 Movary vulnerable to Cross-site Scripting with `?categoryUpdated=` param

Movary is a web application to track, rate and explore your movie watch history. Due to insufficient input validation, attackers can trigger cross-site scripting payloads in versions prior to 0.70.0. The vulnerable parameter is ?categoryUpdated=. Version 0.70.0 fixes the issue...

9.3CVSS0.00265EPSS
Exploits1References3
Rows per page
Query Builder