125 matches found
CVE-2026-44727 Jupyter Server: Stored XSS in `NbconvertFileHandler` / `NbconvertPostHandler` via missing `sandbox` CSP
Jupyter Server is the backend for Jupyter web applications. Prior to 2.20, the nbconvert HTTP handlers in jupyterserver render user-authored notebook HTML under the Jupyter origin without a sandbox directive in their Content-Security-Policy. Combined with nbconvert.HTMLExporter's default...
CVE-2026-54290
Hono (web framework) prior to 4.12.25 is vulnerable to a CORS misconfiguration: with credentials: true and no explicit origin (default wildcard), the CORS middleware reflects the request Origin and sets Access-Control-Allow-Credentials: true, allowing credentialed cross‑origin reads of cookie‑pro...
PT-2026-50175
Name of the Vulnerable Software and Affected Versions n8n versions prior to 2.25.7 n8n versions prior to 2.26.2 Description When @n8n/mcp-browser is operated in HTTP transport mode using the --transport http flag, the MCP endpoint allows session initialization and tool invocation requests without...
Budibase auth session cookies are set with httpOnly:false — any XSS can lead to full account takeover
Summary The budibase:auth cookie containing the JWT session token is set with httpOnly: false at packages/backend-core/src/utils/utils.ts:218. JavaScript can read this cookie via document.cookie. Given that Budibase has had XSS vulnerabilities GHSA-gp5x-2v54-v2q5 — stored XSS via unsanitized enti...
CVE-2026-34828
listmonk is a standalone, self-hosted, newsletter and mailing list manager. From version 4.1.0 to before version 6.1.0, a session management vulnerability allows previously issued authenticated sessions to remain valid after sensitive account security changes, specifically password reset and...
OpenClaw's Browser Relay /cdp websocket is missing auth which could allow cross-tab cookie access
Summary In affected versions, the Browser Relay /cdp WebSocket endpoint did not require an authentication token. As a result, a website running in the browser could potentially connect to the local relay via loopback WebSocket and use CDP to access cookies from other open tabs and run JavaScript ...
CVE-2021-41101
wire-server is an open-source back end for Wire, a secure collaboration platform. Before version 2.106.0, the CORS Access-Control-Allow-Origin header set by nginz is set for all subdomains of .wire.com including wire.com. This means that if somebody were to find an XSS vector in any of the...
PT-2025-51941
Name of the Vulnerable Software and Affected Versions ChurchCRM versions prior to 6.0.0 Description The application inadequately sanitizes or encodes user-supplied HTML/JS, leading to stored cross-site scripting XSS. This allows an attacker to execute JavaScript in the browsers of other users...
CVE-2025-12031
HTTP Security Misconfiguration - Lacking Secure and HTTPOnly Attribute may allow reading the sensitive cookies from the javascript contextThis issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5...
CVE-2025-12031 HTTP Security Misconfiguration - Lacking Secure and HTTPOnly Attribute
HTTP Security Misconfiguration - Lacking Secure and HTTPOnly Attribute may allow reading the sensitive cookies from the javascript contextThis issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5...
EUVD-2003-0508
Malware in sbrugna...
EUVD-2016-2825
Malware in sbrugna...
EUVD-2019-7004
Malware in sbrugna...
EUVD-2003-0586
Malware in sbrugna...
EUVD-2003-0587
Malware in sbrugna...
EUVD-2003-0588
Malware in sbrugna...
EUVD-2003-0507
Malware in sbrugna...
EUVD-2009-2625
Malware in sbrugna...
EUVD-2022-53399
Malicious code in bioql PyPI...
EUVD-2024-54455
Malicious code in bioql PyPI...