6 matches found
CVE-2026-23841 Movary vulnerable to Cross-site Scripting with `?categoryCreated=` param
Movary is a web application to track, rate and explore your movie watch history. Due to insufficient input validation, attackers can trigger cross-site scripting payloads in versions prior to 0.70.0. The vulnerable parameter is ?categoryCreated=. Version 0.70.0 fixes the issue...
CVE-2026-23841
Movary is a web application to track, rate and explore your movie watch history. Due to insufficient input validation, attackers can trigger cross-site scripting payloads in versions prior to 0.70.0. The vulnerable parameter is ?categoryCreated=. Version 0.70.0 fixes the issue...
CVE-2026-23841 Movary vulnerable to Cross-site Scripting with `?categoryCreated=` param
Movary is a web application to track, rate and explore your movie watch history. Due to insufficient input validation, attackers can trigger cross-site scripting payloads in versions prior to 0.70.0. The vulnerable parameter is ?categoryCreated=. Version 0.70.0 fixes the issue...
CVE-2026-23841 Movary vulnerable to Cross-site Scripting with `?categoryCreated=` param
Movary is a web application to track, rate and explore your movie watch history. Due to insufficient input validation, attackers can trigger cross-site scripting payloads in versions prior to 0.70.0. The vulnerable parameter is ?categoryCreated=. Version 0.70.0 fixes the issue...
CVE-2026-23841
CVE-2026-23841 — Movary, a web app for tracking movie history, is vulnerable to cross-site scripting due to insufficient input validation in the vulnerable parameter ?categoryCreated=. Affected: Movary versions prior to 0.70.0. Impact: ability to trigger XSS payloads (high risk per citations). Fi...
PT-2026-3482
Name of the Vulnerable Software and Affected Versions Movary versions prior to 0.70.0 Description Movary is a web application used to track, rate, and explore movie watch history. Insufficient input validation allows attackers to trigger cross-site scripting payloads. The vulnerable parameter is...