Lucene search
K

4 matches found

Patchstack
Patchstack
added 2026/06/19 9:15 p.m.6 views

NPM: TinaCMS: Cross-origin postMessage handlers and rich-text URL-sanitization bypass enable stored XSS and session takeover

NPM: TinaCMS: Cross-origin postMessage handlers and rich-text URL-sanitization bypass enable stored XSS and session takeover vulnerability discovered by ? in WordPress Npm tinacms versions 3.9.3...

7.6CVSS5.8AI score0.00196EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2021/05/20 12:0 a.m.38 views

CVE-2021-3426

There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to...

5.7CVSS7.5AI score0.01863EPSS
Exploits0
CNVD
CNVD
added 2019/02/13 12:0 a.m.4 views

Joomla! cross-site scripting vulnerability (CNVD-2019-15994)

Joomla! is a globally recognized content management system developed using the PHP language coupled with a MySQL database that can be implemented on various platforms such as Linux, Windows, MacOSX, and many others. A cross-site scripting vulnerability exists in Joomla! versions prior to 3.9.3,...

6.1CVSS6.2AI score0.00793EPSS
Exploits0References1
CNVD
CNVD
added 2019/02/13 12:0 a.m.3 views

Joomla! objection injection attack vulnerability

Joomla! is a globally recognized content management system developed using the PHP language coupled with a MySQL database that can be implemented on various platforms such as Linux, Windows, MacOSX, and many others. A vulnerability exists in Joomla! versions prior to 3.9.3 that can be exploited b...

9.8CVSS7.2AI score0.02671EPSS
Exploits0References1
Rows per page
Query Builder