Lucene search
K

12 matches found

NVD
NVD
added 2026/01/15 11:15 p.m.3 views

CVE-2026-1008

A stored cross-site scripting XSS vulnerability exists in the user profile text fields of Altium 365. Insufficient server-side input sanitization allows authenticated users to inject arbitrary HTML and JavaScript payloads using whitespace-based attribute parsing bypass techniques. The injected...

7.6CVSS0.00208EPSS
Exploits0References1
CVE
CVE
added 2026/01/15 10:24 p.m.24 views

CVE-2026-1008

CVE-2026-1008 describes a stored XSS in Altium 365 profile text fields due to insufficient server-side input sanitization. The vulnerability allows authenticated users to inject arbitrary HTML/JavaScript payloads using whitespace-based attribute parsing bypass techniques. The payload is persisted...

7.6CVSS5.2AI score0.00208EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/01/15 10:24 p.m.4 views

CVE-2026-1008

A stored cross-site scripting XSS vulnerability exists in the user profile text fields of Altium 365. Insufficient server-side input sanitization allows authenticated users to inject arbitrary HTML and JavaScript payloads using whitespace-based attribute parsing bypass techniques. The injected...

7.6CVSS5.1AI score0.00208EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/15 12:0 a.m.13 views

PT-2026-3140

Name of the Vulnerable Software and Affected Versions Altium 365 affected versions not specified Description A stored cross-site scripting XSS issue exists in the user profile text fields. Insufficient server-side input sanitization allows authenticated users to inject arbitrary HTML and JavaScri...

7.6CVSS5.3AI score0.00208EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:12 a.m.6 views

SUSE CVE-2019-11720

Some unicode characters are incorrectly treated as whitespace during the parsing of web content instead of triggering parsing errors. This allows malicious code to then be processed, evading cross-site scripting XSS filtering. This vulnerability affects Firefox 68...

6.1CVSS7.2AI score0.01085EPSS
Exploits0References12
Debian CVE
Debian CVE
added 2019/07/23 1:17 p.m.28 views

CVE-2019-11720

Some unicode characters are incorrectly treated as whitespace during the parsing of web content instead of triggering parsing errors. This allows malicious code to then be processed, evading cross-site scripting XSS filtering. This vulnerability affects Firefox 68...

6.1CVSS7.7AI score0.01085EPSS
Exploits0
OSV
OSV
added 2019/07/11 12:0 a.m.3 views

UBUNTU-CVE-2019-11720

Some unicode characters are incorrectly treated as whitespace during the parsing of web content instead of triggering parsing errors. This allows malicious code to then be processed, evading cross-site scripting XSS filtering. This vulnerability affects Firefox 68...

6.1CVSS6.8AI score0.01085EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2018/01/03 10:30 a.m.7 views

undertow: improper whitespace parsing leading to potential HTTP request smuggling

It was discovered that Undertow processes http request headers with unusual whitespaces which can cause possible http request smuggling...

7.5CVSS7.4AI score0.01858EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2017/12/13 5:57 p.m.4 views

undertow: improper whitespace parsing leading to potential HTTP request smuggling

It was discovered that Undertow processes http request headers with unusual whitespaces which can cause possible http request smuggling...

7.5CVSS7.4AI score0.01858EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2017/12/13 5:48 p.m.6 views

undertow: improper whitespace parsing leading to potential HTTP request smuggling

It was discovered that Undertow processes http request headers with unusual whitespaces which can cause possible http request smuggling...

7.5CVSS7.4AI score0.01858EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2017/12/13 5:31 p.m.4 views

undertow: improper whitespace parsing leading to potential HTTP request smuggling

It was discovered that Undertow processes http request headers with unusual whitespaces which can cause possible http request smuggling...

7.5CVSS7.4AI score0.01858EPSS
Exploits0References4
Ubuntu
Ubuntu
added 2017/05/09 2:16 p.m.128 views

USN-3279-1: Apache HTTP Server vulnerabilities

It was discovered that the Apache modsessioncrypto module was encrypting data and cookies using either CBC or ECB modes. A remote attacker could possibly use this issue to perform padding oracle attacks. CVE-2016-0736 Maksim Malyutin discovered that the Apache modauthdigest module incorrectly...

7.5CVSS6.6AI score0.49024EPSS
Exploits4
Rows per page
Query Builder