Liferay Portal & DXP - Cross-Site Scripting

Liferay Portal 7.4.0 through 7.4.3.133 and Liferay DXP 2024.Q1.1 through 2025.Q1.4 contain a reflected XSS caused by improper sanitization in entrycoverimagecaption.jsp, letting remote non-authenticated attackers inject JavaScript. id: CVE-2025-4576 info: name: Liferay Portal & DXP - Cross-Site...

CVE-2021-47934 MyBB Timeline Plugin 1.0 Cross-Site Scripting and CSRF

MyBB Timeline Plugin 1.0 contains cross-site scripting vulnerabilities that allow attackers to inject malicious scripts through thread titles, post content, and user profile fields like Location and Bio. Attackers can also exploit a cross-site request forgery vulnerability in the timeline.php...

EUVD-2026-27275

OpenClaw versions 2026.4.7 before 2026.4.10 fail to normalize Discord event cover image parameters in sandbox media processing. Attackers can bypass media normalization to inject host-local media references into channel action paths expecting normalized media...

GHSA-C9H3-5P7R-MRJH OpenClaw: Discord event cover images bypassed sandbox media normalization

Summary Discord event cover images bypassed sandbox media normalization. Affected Packages / Versions - Package: openclaw - Ecosystem: npm - Affected versions: = 2026.4.7 = 2026.4.10 Impact Discord event cover image parameters could bypass the sandbox media normalization path used for outbound...

Arbitrary Code Injection

Overview Affected versions of this package are vulnerable to Arbitrary Code Injection in the process that renders the Gallery or Kanban view when a malicious URL is stored in the mAsset field and used as a cover image. An attacker can execute arbitrary operating system commands under the victim's...

CVE-2026-1271

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.9.7.2 via the 'pmuploadimage' and 'pmuploadcoverimage' AJAX actions. This is due to the updateusermeta function being called outsi...

CVE-2026-1271

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.9.7.2 via the 'pmuploadimage' and 'pmuploadcoverimage' AJAX actions. This is due to the updateusermeta function being called outsi...

CVE-2026-1271

The CVE concerns the ProfileGrid – User Profiles, Groups and Communities WordPress plugin. It affects all versions up to 5.9.7.2 and enables Insecure Direct Object Reference via the pm_upload_image and pm_upload_cover_image AJAX actions. The root cause is update_user_meta() being called outside t...

CVE-2026-1271 ProfileGrid <= 5.9.7.2 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary User Profile and Cover Image Modification

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.9.7.2 via the 'pmuploadimage' and 'pmuploadcoverimage' AJAX actions. This is due to the updateusermeta function being called outsi...

CVE-2026-0587

A security flaw has been discovered in Xinhu Rainrock RockOA up to 2.7.1. Affected is an unknown function of the file rockpagegong.php of the component Cover Image Handler. The manipulation of the argument fengmian results in cross site scripting. The attack can be launched remotely. The exploit...

CVE-2026-0587 Xinhu Rainrock RockOA Cover Image rock_page_gong.php cross site scripting

A security flaw has been discovered in Xinhu Rainrock RockOA up to 2.7.1. Affected is an unknown function of the file rockpagegong.php of the component Cover Image Handler. The manipulation of the argument fengmian results in cross site scripting. The attack can be launched remotely. The exploit...

CVE-2026-0587 Xinhu Rainrock RockOA Cover Image rock_page_gong.php cross site scripting

A security flaw has been discovered in Xinhu Rainrock RockOA up to 2.7.1. Affected is an unknown function of the file rockpagegong.php of the component Cover Image Handler. The manipulation of the argument fengmian results in cross site scripting. The attack can be launched remotely. The exploit...

EUVD-2026-0860

A security flaw has been discovered in Xinhu Rainrock RockOA up to 2.7.1. Affected is an unknown function of the file rockpagegong.php of the component Cover Image Handler. The manipulation of the argument fengmian results in cross site scripting. The attack can be launched remotely. The exploit...

PT-2026-1274

Name of the Vulnerable Software and Affected Versions Xinhu Rainrock RockOA versions up to 2.7.1 Description A security flaw exists in Xinhu Rainrock RockOA up to version 2.7.1. The issue is related to cross site scripting within the Cover Image Handler component, specifically in the file rock pa...

ClassroomIO.com 安全漏洞

ClassroomIO.com is an educational platform open-sourced by ClassroomIO. A security vulnerability exists in ClassroomIO.com version 0.1.13, which originates in stored cross-site scripting and could allow an authenticated attacker to execute arbitrary code via a specially crafted SVG cover image...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the coverImageURL. An attacker can execute arbitrary JavaScript in the context of a user's browser by injecting malicious scripts via crafted requests. Details Cross-site scripting or XSS is a code...

GHSA-6QCG-28JH-HM7R Liferay Portal Reflected XSS in blogs-web

A reflected cross-site scripting XSS vulnerability in the Liferay Portal 7.4.0 through 7.4.3.133, and Liferay DXP 2025.Q1.0 through 2025.Q1.4 ,2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.15, 7.4 GA through update 92 allows an...

CVE-2025-4576

A reflected cross-site scripting XSS vulnerability in the Liferay Portal 7.4.0 through 7.4.3.133, and Liferay DXP 2025.Q1.0 through 2025.Q1.4 ,2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.15, 7.4 GA through update 92 allows an...

CVE-2024-48178

newbee-mall v1.0.0 is vulnerable to Server-Side Request Forgery SSRF via the goodsCoverImg parameter...

CVE-2023-47271

PKP-WAL aka PKP Web Application Library or pkp-lib before 3.3.0-16, as used in Open Journal Systems OJS and other products, does not verify that the file named in an XML document used for the native import/export plugin is an image file, before trying to use it for an issue cover image...