Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

13 matches found

EUVD
EUVDadded 6 days ago11 views

EUVD-2026-38631

Fortra File Integrity Monitoring FIM, formerly Tripwire Enterprise, versions prior to 9.4.0.1 contain a stored cross-site scripting XSS vulnerability in the Asset View UI component. An authenticated user with sufficient privileges to create or modify affected node or database configuration fields...

5.5CVSS5.7AI score0.00145EPSS
Exploits0References2
NVD
NVDadded last week8 views

CVE-2026-12163

Fortra File Integrity Monitoring FIM, formerly Tripwire Enterprise, versions prior to 9.4.0.1 contain a stored cross-site scripting XSS vulnerability in the Asset View UI component. An authenticated user with sufficient privileges to create or modify affected node or database configuration fields...

5.5CVSS0.00145EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded last week6 views

CVE-2026-12163

Fortra File Integrity Monitoring FIM, formerly Tripwire Enterprise, versions prior to 9.4.0.1 contain a stored cross-site scripting XSS vulnerability in the Asset View UI component. An authenticated user with sufficient privileges to create or modify affected node or database configuration fields...

5.5CVSS5.7AI score0.00145EPSS
Exploits0References2
Cvelist
Cvelistadded last week33 views

CVE-2026-12163 Stored XSS in Fortra File Integrity Monitoring (FIM)

Fortra File Integrity Monitoring FIM, formerly Tripwire Enterprise, versions prior to 9.4.0.1 contain a stored cross-site scripting XSS vulnerability in the Asset View UI component. An authenticated user with sufficient privileges to create or modify affected node or database configuration fields...

5.5CVSS0.00145EPSS
Exploits0References1
CVE
CVEadded last week8 views

CVE-2026-12163

Fortra File Integrity Monitoring (FIM), formerly Tripwire Enterprise, versions prior to 9.4.0.1 contain a stored XSS in the Asset View UI. An authenticated user capable of creating/modifying affected node or database configuration fields can store script content that is rendered as HTML when Asse...

5.5CVSS5.7AI score0.00145EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologiesadded 2026/06/23 12:0 a.m.8 views

PT-2026-51604

Name of the Vulnerable Software and Affected Versions Fortra File Integrity Monitoring FIM versions prior to 9.4.0.1 Description A stored cross-site scripting XSS issue exists in the Asset View UI component. An authenticated user with sufficient privileges to create or modify affected node or...

5.5CVSS5.6AI score0.00145EPSS
Exploits0References6
NVD
NVDadded 2026/06/21 2:16 p.m.10 views

CVE-2026-56384

Craft CMS contains a missing authorization vulnerability in the assets/preview-thumb endpoint. A Control Panel user without permission to view a target private asset can call the endpoint with an attacker-controlled assetId and receive preview HTML containing a signed fallback transform preview...

5.3CVSS0.00193EPSS
Exploits0References3
EUVD
EUVDadded 2026/06/21 1:27 p.m.6 views

EUVD-2026-38178

Craft CMS contains a missing authorization vulnerability in the assets/preview-thumb endpoint. A Control Panel user without permission to view a target private asset can call the endpoint with an attacker-controlled assetId and receive preview HTML containing a signed fallback transform preview...

5.3CVSS5.9AI score0.00193EPSS
Exploits0References3
CVE
CVEadded 2026/06/21 1:27 p.m.16 views

CVE-2026-56384

Craft CMS has a missing authorization vulnerability in the assets/preview-thumb endpoint. A Control Panel user without permission to view a private asset can call the endpoint with an attacker-controlled assetId and receive preview HTML containing a signed fallback transform preview link for that...

5.3CVSS5.9AI score0.00193EPSS
Exploits0References3
Rapid7 Blog
Rapid7 Blogadded 2025/04/29 12:30 p.m.15 views

Driving down MTTR with Remediation Hub, Available in Rapid7 Exposure Command

Co-authored by Peter Whibley, Ed Montgomery, and Joel Alcon Technology innovation combined with the highly fragmented nature of today's IT landscape means that vulnerabilities are being exploited faster and at greater scale than ever. Security teams contend with a daily surge of new threat actors...

7.7AI score
Exploits0
Github Security Blog
Github Security Blogadded 2021/09/01 6:40 p.m.36 views

XSS vulnerability on asset view

Impact Mautic versions before 3.3.4 / 4.0.0 are vulnerable to an inline JS XSS attack when viewing Mautic assets by utilizing inline JS in the title and adding a broken image URL as a remote asset. This can only be leveraged by an authenticated user with permission to create or edit assets. Patch...

7.1CVSS0.7AI score0.00604EPSS
Exploits0References4Affected Software1
OSV
OSVadded 2021/09/01 6:40 p.m.21 views

GHSA-RH5W-82WH-JHR8 XSS vulnerability on asset view

Impact Mautic versions before 3.3.4 / 4.0.0 are vulnerable to an inline JS XSS attack when viewing Mautic assets by utilizing inline JS in the title and adding a broken image URL as a remote asset. This can only be leveraged by an authenticated user with permission to create or edit assets. Patch...

7.1CVSS5.7AI score0.00604EPSS
Exploits0References4
Friends Of PHP
Friends Of PHPadded 1970/01/01 12:0 a.m.26 views

XSS vulnerability on asset view

Impact Mautic versions before 3.3.4 / 4.0.0 are vulnerable to an inline JS XSS attack when viewing Mautic assets by utilizing inline JS in the title and adding a broken image URL as a remote asset. This can only be leveraged by an authenticated user with permission to create or edit assets. Patch...

7.1CVSS5.7AI score0.00604EPSS
Exploits0Affected Software1
Rows per page
Query Builder