Lucene search
K

9 matches found

Cvelist
Cvelist
added 2026/06/18 9:8 p.m.28 views

CVE-2026-22674 Hashgraph Guardian Stored XSS via branding companyName field

Hashgraph Guardian through 3.6.0, fixed in commit ba8c566, contains a stored cross-site scripting vulnerability that allows authenticated users with the STANDARDREGISTRY role to inject malicious scripts by submitting a crafted companyName value via the branding configuration API endpoint. Attacke...

4.8CVSS0.00177EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-21397

Malicious code in bioql PyPI...

4CVSS6.6AI score0.00185EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/16 11:44 p.m.13 views

CVE-2025-53839

DRACOON is a file sharing service, and the DRACOON Branding Service allows customers to customize their DRACOON interface with their brand. Versions of the DRACOON Branding Service prior to 2.10.0 are vulnerable to cross-site scripting. Improper neutralization of input from administrative users...

4CVSS6.8AI score0.00185EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/14 11:12 p.m.2 views

CVE-2025-53839 DRACOON Branding Service vulnerable to Cross-site Scripting

DRACOON is a file sharing service, and the DRACOON Branding Service allows customers to customize their DRACOON interface with their brand. Versions of the DRACOON Branding Service prior to 2.10.0 are vulnerable to cross-site scripting. Improper neutralization of input from administrative users...

4CVSS6.2AI score0.00185EPSS
Exploits0References1
CVE
CVE
added 2025/07/14 11:12 p.m.27 views

CVE-2025-53839

CVE-2025-53839 affects DRACOON Branding Service (pre-2.10.0). The vulnerability is cross-site scripting caused by improper neutralization of input from administrative users, potentially injecting HTML into the workflow for newly onboarded users. A fix was made available in version 2.10.0 and roll...

4CVSS6.3AI score0.00185EPSS
Exploits0References1
OSV
OSV
added 2025/07/14 11:12 p.m.4 views

CVE-2025-53839 DRACOON Branding Service vulnerable to Cross-site Scripting

DRACOON is a file sharing service, and the DRACOON Branding Service allows customers to customize their DRACOON interface with their brand. Versions of the DRACOON Branding Service prior to 2.10.0 are vulnerable to cross-site scripting. Improper neutralization of input from administrative users...

4CVSS6.4AI score0.00185EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/14 11:12 p.m.7 views

CVE-2025-53839 DRACOON Branding Service vulnerable to Cross-site Scripting

DRACOON is a file sharing service, and the DRACOON Branding Service allows customers to customize their DRACOON interface with their brand. Versions of the DRACOON Branding Service prior to 2.10.0 are vulnerable to cross-site scripting. Improper neutralization of input from administrative users...

4CVSS0.00185EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/07/14 12:0 a.m.7 views

PT-2025-29525 · Racoon · Dracoon Branding Service

Name of the Vulnerable Software and Affected Versions: DRACOON Branding Service versions prior to 2.10.0 Description: DRACOON is a file sharing service, and the DRACOON Branding Service allows customers to customize their DRACOON interface. Versions prior to 2.10.0 are susceptible to cross-site...

4CVSS6.2AI score0.00185EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/07/14 12:0 a.m.4 views

DRACOON Branding Service 跨站脚本漏洞

DRACOON Branding Service is a branding customization software from DRACOON Germany. A cross-site scripting vulnerability exists in DRACOON Branding Service versions prior to 2.10.0 that stems from improper input neutralization and could lead to a cross-site scripting attack...

4CVSS6AI score0.00185EPSS
Exploits0References2
Rows per page
Query Builder