6 matches found
CVE-2026-23840
Movary is a web application to track, rate and explore your movie watch history. Due to insufficient input validation, attackers can trigger cross-site scripting payloads in versions prior to 0.70.0. The vulnerable parameter is ?categoryDeleted=. Version 0.70.0 fixes the issue...
CVE-2026-23840 Movary vulnerable to Cross-site Scripting with `?categoryDeleted=` param
Movary is a web application to track, rate and explore your movie watch history. Due to insufficient input validation, attackers can trigger cross-site scripting payloads in versions prior to 0.70.0. The vulnerable parameter is ?categoryDeleted=. Version 0.70.0 fixes the issue...
CVE-2026-23840 Movary vulnerable to Cross-site Scripting with `?categoryDeleted=` param
Movary is a web application to track, rate and explore your movie watch history. Due to insufficient input validation, attackers can trigger cross-site scripting payloads in versions prior to 0.70.0. The vulnerable parameter is ?categoryDeleted=. Version 0.70.0 fixes the issue...
CVE-2026-23840
Movary is a web application to track, rate and explore your movie watch history. Due to insufficient input validation, attackers can trigger cross-site scripting payloads in versions prior to 0.70.0. The vulnerable parameter is ?categoryDeleted=. Version 0.70.0 fixes the issue...
CVE-2026-23840
CVE-2026-23840 affects Movary, a web application for tracking movie history. The issue arises from insufficient input validation in the vulnerable parameter ?categoryDeleted=, allowing cross-site scripting (XSS) payloads in versions prior to 0.70.0. The Red Hat/NVD/CVE data consistently state tha...
Movary cross-site scripting vulnerabilities
Movary is a film review program developed by Lee Peuker personally. Versions of Movary prior to 0.70.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from insufficient input validation for the categoryDeleted parameter, which could lead to cross-site scripting attacks...