284 matches found
CVE-2026-27458 LinkAce: Stored XSS in Atom Feed via CDATA Escape in List Description
LinkAce is a self-hosted archive to collect website links. Versions 2.4.2 and below have a Stored Cross-site Scripting vulnerability through the Atom feed endpoint for lists /lists/feed. An authenticated user can inject a CDATA-breaking payload into a list description that escapes the XML CDATA...
CVE-2026-27458
LinkAce versions 2.4.2 and earlier are affected by a Stored XSS in the Atom feed at /lists/feed. An authenticated user can inject a CDATA-breaking payload into a list description, escaping the CDATA and injecting an SVG element into the Atom XML, which the browser parses and executes as JavaScrip...
CVE-2026-27458 LinkAce: Stored XSS in Atom Feed via CDATA Escape in List Description
LinkAce is a self-hosted archive to collect website links. Versions 2.4.2 and below have a Stored Cross-site Scripting vulnerability through the Atom feed endpoint for lists /lists/feed. An authenticated user can inject a CDATA-breaking payload into a list description that escapes the XML CDATA...
CVE-2026-27458
LinkAce is a self-hosted archive to collect website links. Versions 2.4.2 and below have a Stored Cross-site Scripting vulnerability through the Atom feed endpoint for lists /lists/feed. An authenticated user can inject a CDATA-breaking payload into a list description that escapes the XML CDATA...
CVE-2026-27458 LinkAce: Stored XSS in Atom Feed via CDATA Escape in List Description
LinkAce is a self-hosted archive to collect website links. Versions 2.4.2 and below have a Stored Cross-site Scripting vulnerability through the Atom feed endpoint for lists /lists/feed. An authenticated user can inject a CDATA-breaking payload into a list description that escapes the XML CDATA...
CVE-2025-69674
Buffer Overflow vulnerability in CDATA FD614GS3-R850 V3.2.7P161006 Build.0333.250211 allows an attacker to execute arbitrary code via the nodemac, nodeopt, optparam, and domainblk parameters of the meshnodeconfig and domiainblkconfig modules...
CVE-2025-69674
Buffer Overflow vulnerability in CDATA FD614GS3-R850 V3.2.7P161006 Build.0333.250211 allows an attacker to execute arbitrary code via the nodemac, nodeopt, optparam, and domainblk parameters of the meshnodeconfig and domiainblkconfig modules...
CVE-2025-69674
Buffer Overflow vulnerability in CDATA FD614GS3-R850 V3.2.7P161006 Build.0333.250211 allows an attacker to execute arbitrary code via the nodemac, nodeopt, optparam, and domainblk parameters of the meshnodeconfig and domiainblkconfig modules...
CVE-2025-69674
Buffer Overflow vulnerability in CDATA FD614GS3-R850 V3.2.7P161006 Build.0333.250211 allows an attacker to execute arbitrary code via the nodemac, nodeopt, optparam, and domainblk parameters of the meshnodeconfig and domiainblkconfig modules...
PT-2026-20863
Name of the Vulnerable Software and Affected Versions CDATA FD614GS3-R850 version 3.2.7 P161006 Build.0333.250211 Description A buffer overflow issue exists in CDATA FD614GS3-R850 version 3.2.7 P161006 Build.0333.250211. This flaw allows an attacker to potentially execute arbitrary code by...
CVE-2022-37307
OX App Suite through 7.10.6 allows XSS via XHTML CDATA for a snippet, as demonstrated by the onerror attribute of an IMG element within an e-mail signature...
CVE-2019-12041
lib/common/htmlre.js in remarkable 1.7.1 allows Regular Expression Denial of Service ReDoS via a CDATA section...
EUVD-2020-21440
Malware in sbrugna...
EUVD-2020-21445
Malware in sbrugna...
EUVD-2020-21441
Malware in sbrugna...
EUVD-2020-21436
Malware in sbrugna...
EUVD-2020-4926
Malware in sbrugna...
EUVD-2020-21442
Malware in sbrugna...
EUVD-2020-21443
Malware in sbrugna...
EUVD-2020-21438
Malware in sbrugna...