Lucene search
+L

5 matches found

Cvelist
Cvelist
added 2026/06/26 8:34 p.m.28 views

CVE-2026-50132 Budibase: Chat Identity Link Hijacking via Missing Consent & CSRF — Account Impersonation in Budibase

Budibase is an open-source low-code platform. Prior to 3.39.0, GET /api/chat-links/:instance/:token/handoff is a public endpoint no auth required that performs a permanent, state-changing operation: it binds an external chat identity Slack/Discord/MS Teams to an authenticated Budibase user accoun...

7.3CVSS0.00192EPSS
Exploits1References1
AlpineLinux
AlpineLinux
added 2023/01/09 1:54 p.m.52 views

CVE-2023-22472

Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. It is possible to make a user send any POST request with an arbitrary body given they click on a malicious deep link on a Windows computer. e.g. in an email, chat link...

8.8CVSS7AI score0.00204EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/12/15 12:0 a.m.21 views

Zoom Client for Meetings < 5.7.3 Vulnerability (ZSB-21021)

The version of Zoom Client for Meetings installed on the remote host is prior to 5.7.3. It is, therefore, affected by a vulnerability as referenced in the ZSB-21021 advisory. - The Zoom Client for Meetings before version 5.7.3 for Android, iOS, Linux, macOS, and Windows contain a server side...

6.1CVSS6.5AI score0.00932EPSS
Exploits0References2
OSV
OSV
added 2021/12/14 8:15 p.m.4 views

CVE-2021-34425

The Zoom Client for Meetings before version 5.7.3 for Android, iOS, Linux, macOS, and Windows contain a server side request forgery vulnerability in the chat's "link preview" functionality. In versions prior to 5.7.3, if a user were to enable the chat's "link preview" feature, a malicious actor...

6.1CVSS5.9AI score0.00932EPSS
Exploits0References1
NVD
NVD
added 2004/12/31 5:0 a.m.13 views

CVE-2004-1511

Hotfoon 4.0 does not notify users before opening links in web browsers, which could allow remote attackers to execute arbitrary code via a certain link sent in a chat window...

5CVSS7.6AI score0.0232EPSS
Exploits0References3
Rows per page
Query Builder