CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

EUVD-2026-36318

OpenClaw before 2026.5.18 contains a server-side request forgery vulnerability in browser control that allows authenticated users to bypass private-network navigation checks through Playwright act interactions. Attackers can trigger navigation to private-network targets via action-triggered...

7.7CVSS5.5AI score

Exploits0References2

Github Security Blog•added 2024/05/28 9:23 p.m.•23 views

ansibleguy-webui Cross-site Scripting vulnerability

Impact Multiple forms in version = 0.0.21 References Report GitHub Issue 44...

8.2CVSS6.6AI score0.00249EPSS

Exploits0References6Affected Software1

OSV•added 2024/05/28 9:23 p.m.•18 views

GHSA-927P-XRC2-X2GJ ansibleguy-webui Cross-site Scripting vulnerability

Impact Multiple forms in version = 0.0.21 References Report GitHub Issue 44...

8.2CVSS8.3AI score0.00249EPSS

Exploits0References6

Vulnrichment•added 2024/05/28 6:33 p.m.•12 views

CVE-2024-36110 Cross-site scripting in ansibleguy-webui

ansibleguy-webui is an open source WebUI for using Ansible. Multiple forms in versions 0.0.21 allowed injection of HTML elements. These are returned to the user after executing job actions and thus evaluated by the browser. These issues have been addressed in version 0.0.21 0.0.21.post2 on pypi...

8.2CVSS6.9AI score0.00249EPSS

Exploits0References4

Cvelist•added 2020/05/13 6:40 p.m.•10 views

CVE-2020-11070 Cross-Site Scripting in SVG Sanitizer

The SVG Sanitizer extension for TYPO3 has a cross-site scripting vulnerability in versions before 1.0.3. Slightly invalid or incomplete SVG markup is not correctly processed and thus not sanitized at all. Albeit the markup is not valid it still is evaluated in browsers and leads to cross-site...

5.4CVSS5.1AI score0.00206EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by