Lucene search
+L

4 matches found

NVD
NVD
added 2026/06/15 2:16 a.m.12 views

CVE-2026-12202

A vulnerability has been found in Intelliants Subrion CMS up to 4.0.3. Affected by this issue is some unknown functionality of the component Blocks Endpoint. Such manipulation of the argument CSS class name leads to cross site scripting. The attack may be launched remotely. The exploit has been...

4.8CVSS0.00214EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/15 12:45 a.m.9 views

CVE-2026-12202 Intelliants Subrion CMS Blocks Endpoint cross site scripting

A vulnerability has been found in Intelliants Subrion CMS up to 4.0.3. Affected by this issue is some unknown functionality of the component Blocks Endpoint. Such manipulation of the argument CSS class name leads to cross site scripting. The attack may be launched remotely. The exploit has been...

4.8CVSS3.7AI score0.00214EPSS
Exploits0References6
OSV
OSV
added 2023/06/06 4:46 p.m.22 views

GHSA-86H2-2G4G-29QX avo possible unsafe reflection / partial DoS vulnerability

Summary The polymorphic field type stores the classes to operate on when updating a record with user input, and does not validate them in the back end. This can lead to unexpected behavior, remote code execution, or application crashes when viewing a manipulated record. Details After reviewing th...

8.3CVSS8.6AI score0.0161EPSS
Exploits1References6
NVD
NVD
added 2023/04/28 9:15 p.m.35 views

CVE-2023-30857

@aedart/support is the support package for Ion, a monorepo for JavaScript/TypeScript packages. Prior to version 0.6.1, there is a possible prototype pollution issue for the MetadataRecord, when merged with a base class' metadata object, in meta decorator from the @aedart/support package. The...

3.7CVSS3.9AI score0.00482EPSS
Exploits0References2
Rows per page
Query Builder