Lucene search
+L

9 matches found

cvelist
cvelist
added 2026/06/30 10:8 p.m.39 views

CVE-2026-56356 n8n - Stored Cross-Site Scripting in Chat Trigger Node Custom CSS Field

n8n contains a stored cross-site scripting vulnerability in the Chat Trigger node's Custom CSS field due to a misconfiguration of the sanitize-html library. Affected releases are those before 1.123.27, the 2.0.0 through 2.13.2 line, and 2.14.0 fixed in 1.123.27, 2.13.3, and 2.14.1. An authenticat...

5.4CVSS0.00177EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/06/30 12:0 a.m.7 views

PT-2026-54040

Name of the Vulnerable Software and Affected Versions n8n versions prior to 1.123.27 n8n versions 2.0.0 through 2.13.2 n8n version 2.14.0 Description A stored cross-site scripting issue exists in the Chat Trigger node's Custom CSS field caused by a misconfiguration of the sanitize-html library. A...

5.4CVSS5.8AI score0.00177EPSS
Exploits0References4
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-28872

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00229EPSS
Exploits0References4
redhatcve
redhatcve
added 2025/09/06 1:34 a.m.15 views

CVE-2025-58357

5ire is a cross-platform desktop artificial intelligence assistant and model context protocol client. Version 0.13.2 contains a vulnerability in the chat page's script gadgets that enables content injection attacks through multiple vectors: malicious prompt injection pages, compromised MCP server...

9.6CVSS7.2AI score0.00597EPSS
Exploits1References1
nvd
nvd
added 2025/09/04 10:42 a.m.73 views

CVE-2025-58357

5ire is a cross-platform desktop artificial intelligence assistant and model context protocol client. Version 0.13.2 contains a vulnerability in the chat page's script gadgets that enables content injection attacks through multiple vectors: malicious prompt injection pages, compromised MCP server...

9.6CVSS0.00597EPSS
Exploits1References2
vulnrichment
vulnrichment
added 2025/09/04 12:30 a.m.6 views

CVE-2025-58357 5ire Chat Message XSS Vulnerability Enables Remote Code Execution

5ire is a cross-platform desktop artificial intelligence assistant and model context protocol client. Version 0.13.2 contains a vulnerability in the chat page's script gadgets that enables content injection attacks through multiple vectors: malicious prompt injection pages, compromised MCP server...

9.6CVSS6.7AI score0.00597EPSS
Exploits1References2
osv
osv
added 2025/09/04 12:30 a.m.19 views

CVE-2025-58357 5ire Chat Message XSS Vulnerability Enables Remote Code Execution

5ire is a cross-platform desktop artificial intelligence assistant and model context protocol client. Version 0.13.2 contains a vulnerability in the chat page's script gadgets that enables content injection attacks through multiple vectors: malicious prompt injection pages, compromised MCP server...

9.6CVSS7.2AI score0.00597EPSS
Exploits1References4
osv
osv
added 2024/11/05 2:15 a.m.5 views

CVE-2024-10809

A vulnerability was found in code-projects E-Health Care System 1.0 and classified as critical. This issue affects some unknown processing of the file /Doctor/chat.php. The manipulation of the argument name/message leads to sql injection. The attack may be initiated remotely. The exploit has been...

7.5CVSS5.7AI score0.00495EPSS
Exploits1References5
ptsecurity
ptsecurity
added 2008/03/05 12:0 a.m.10 views

PT-2008-2764 · Phpbb · 123 Flash Chat Module

Name of the Vulnerable Software and Affected Versions: 123 Flash Chat Module for phpBB affected versions not specified Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the phpbb root path parameter to 1 "123flashchat.php" and 2 "phpbb login chat.php"...

6.8CVSS8.1AI score0.01129EPSS
Exploits0References7
Rows per page
Query Builder