Lucene search
+L

5 matches found

redhatcve
redhatcve
added 2026/06/05 7:12 p.m.12 views

CVE-2026-44669

FACTION is a PenTesting Report Generation and Collaboration Framework. Prior to 1.8.3, Faction is vulnerable to stored cross-site scripting XSS via attachment filenames in assessment file preview flows. User-supplied filename values are persisted and later rendered into HTML/attribute contexts...

8.7CVSS5.3AI score0.00211EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/05/26 5:43 p.m.10 views

CVE-2026-44669

FACTION is a PenTesting Report Generation and Collaboration Framework. Prior to 1.8.3, Faction is vulnerable to stored cross-site scripting XSS via attachment filenames in assessment file preview flows. User-supplied filename values are persisted and later rendered into HTML/attribute contexts...

8.7CVSS5.8AI score0.00211EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2026/05/26 5:43 p.m.34 views

CVE-2026-44669 Faction: Stored XSS in Assessment Attachment Filename Preview Rendering

FACTION is a PenTesting Report Generation and Collaboration Framework. Prior to 1.8.3, Faction is vulnerable to stored cross-site scripting XSS via attachment filenames in assessment file preview flows. User-supplied filename values are persisted and later rendered into HTML/attribute contexts...

8.7CVSS0.00211EPSS
Exploits0References2
cve
cve
added 2026/05/26 5:43 p.m.29 views

CVE-2026-44669

CVE-2026-44669 affects FACTION, a PenTesting Report Generation and Collaboration Framework. Before version 1.8.3, it is vulnerable to stored XSS in attachment filenames used in the assessment file preview flow. User-supplied filename values are persisted server-side and later rendered into HTML/a...

8.7CVSS5.8AI score0.00211EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/05/26 12:0 a.m.17 views

PT-2026-43347

FACTION is a PenTesting Report Generation and Collaboration Framework. Prior to 1.8.3, Faction is vulnerable to stored cross-site scripting XSS via attachment filenames in assessment file preview flows. User-supplied filename values are persisted and later rendered into HTML/attribute contexts...

8.7CVSS5.8AI score0.00211EPSS
Exploits0References3
Rows per page
Query Builder