Lucene search
K

6 matches found

NVD
NVD
added 2026/04/28 7:37 p.m.8 views

CVE-2026-41910

OpenClaw before 2026.4.8 omits owner-only enforcement for cross-channel allowlist writes in the /allowlist endpoint. An authorized non-owner sender can bypass access controls to perform allowlist modifications against different channels, violating the intended trust model...

4.3CVSS0.00237EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/01/20 8:48 p.m.6 views

CVE-2026-21642

HackerOne community member Patrick Lang 7yr has reported a reflected XSS vulnerability in the banner-acl.php and channel-acl.php scripts of Revive Adserver. An attacker can craft a specific URL that includes an HTML payload in a parameter. If a logged in administrator visits the URL, the HTML is...

6.1CVSS5.5AI score0.00163EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/20 8:48 p.m.3 views

CVE-2026-21642

HackerOne community member Patrick Lang 7yr has reported a reflected XSS vulnerability in the banner-acl.php and channel-acl.php scripts of Revive Adserver. An attacker can craft a specific URL that includes an HTML payload in a parameter. If a logged in administrator visits the URL, the HTML is...

6.1CVSS5.5AI score0.00163EPSS
Exploits0References1
Hacker One
Hacker One
added 2025/12/18 6:43 p.m.14 views

Revive Adserver: Reflected XSS in banner-acl.php and channel-acl.php via executionorder

Vulnerability description not provided...

6.1CVSS6.8AI score0.00163EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2025/08/11 9:31 p.m.11 views

Mattermost Confluence Plugin has Missing Authorization vulnerability

Mattermost Confluence Plugin versions 1.5.0 fail to check user access to the channel, which allows attackers to get channel subscription details without proper access to the channel via an API call to the Get Channel Subscriptions details endpoint...

4CVSS6.9AI score0.00192EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2025/08/11 6:56 p.m.132 views

CVE-2025-44001

CVE-2025-44001 concerns the Mattermost Confluence Plugin where versions

4CVSS7.1AI score0.00192EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder