CVE-2026-12163 Stored XSS in Fortra File Integrity Monitoring (FIM)

Fortra File Integrity Monitoring FIM, formerly Tripwire Enterprise, versions prior to 9.4.0.1 contain a stored cross-site scripting XSS vulnerability in the Asset View UI component. An authenticated user with sufficient privileges to create or modify affected node or database configuration fields...

CVE-2026-12163 Stored XSS in Fortra File Integrity Monitoring (FIM)

Fortra File Integrity Monitoring FIM, formerly Tripwire Enterprise, versions prior to 9.4.0.1 contain a stored cross-site scripting XSS vulnerability in the Asset View UI component. An authenticated user with sufficient privileges to create or modify affected node or database configuration fields...

EUVD-2026-37008

Slim has Reflected XSS in the HtmlErrorRenderer...

CVE-2026-46547

CVE-2026-46547 (NocoDB) is a reflected XSS in the Page Leaving Warning page. The issue arises because the query parameters ncRedirectUrl and ncBackUrl are used in window.location.href and in an tag href without proper validation, allowing javascript: URI injection. Exploitation could enable arbi...

CVE-2026-47376

CVE-2026-47376 (NocoDB) describes a reflected XSS on the password-reset flow. Before 2026.04.1, the token from the password-reset URL was directly embedded into a JavaScript string in a server-rendered EJS template, which does not escape single quotes or backslashes. This allowed an attacker-cont...

CVE-2026-47383

CVE-2026-47383 affects NocoDB prior to 2026.05.1, where an authenticated commenter could store HTML in row comments that executed as script when other users hovered over the comment in the expanded form view. The root cause is that write paths persisted the raw comment body with no server-side sa...

CVE-2026-54013

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI patched SVG XSS in user profile images and webhook profile images but forgot to apply the same fix to model profile images. The ModelMeta class has no...

CVE-2026-53662

immich is a high performance self-hosted photo and video management solution. From commit 4ffa26c9 until 4eb1003, a reflected cross-site scripting XSS vulnerability on the /auth/login page allows an attacker to fully compromise any authenticated user's account with a single link click. The contin...

CVE-2026-52846

Summary: CVE-2026-52846 affects Caddy's stripHTML template function, which cannot reliably strip certain malformed HTML (e.g., <img src=x onerror=alert()>). This can bypass tag-stripping and may enable client-side XSS when untrusted strings are rendered as HTML. The issue originates in func...

CVE-2026-53662 immich: One-click account takeover via XSS in login page continue redirect

immich is a high performance self-hosted photo and video management solution. From commit 4ffa26c9 until 4eb1003, a reflected cross-site scripting XSS vulnerability on the /auth/login page allows an attacker to fully compromise any authenticated user's account with a single link click. The contin...

CVE-2026-44960

A stored XSS can be exploited by leveraging the usernames as an attack vector. When an admin user viewed the audit log details for affected entries, any malicious JavaScript payload embedded in the username would be executed due to missing output sanitisation. Proper escaping has been added to th...

CVE-2026-54011

Open WebUI vulnerability CVE-2026-54011 is a stored XSS in Mermaid Markdown Preview. Affected versions include main and 0.8.12; the Mermaid rendering uses securityLevel: 'loose' and injects SVG via innerHTML in the file preview path, enabling JavaScript execution in the app origin. The issue is c...

CVE-2026-54011 Open WebUI: Stored XSS in Mermaid Markdown Preview

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6,Open WebUI renders Mermaid blocks from Markdown files in the file preview panel and inserts the generated SVG into the DOM using innerHTML. Because Mermaid is configured with...

CVE-2026-54013

CVE-2026-54013 describes a stored XSS in Open WebUI where the model profile image URL could be a data:image/svg+xml;base64 payload. The root cause is missing input validation on ModelMeta.profile_image_url and missing output protections in the model image endpoint (no MIME allowlist, no nosniff, ...

CVE-2026-54303

n8n is an open source workflow automation platform. Prior to 2.24.0, an endpoint in the Meta and Microsoft Teams trigger nodes reflects a query parameter into the HTTP response without sanitization or Content-Security-Policy headers, enabling reflected XSS in the n8n origin when a logged-in user...

CVE-2026-44961

The CVE-2026-44961 entry affects Revive Adserver’s XML‑RPC addUser API. The flaw is a validation bypass introduced in the fix for CVE-2025‑55129, enabling username-based impersonation or stored XSS unless proper validation is present. The available documents confirm that correct validation has no...

CVE-2026-44960

Vulnerability summary (CVE-2026-44960) : A stored XSS exists in Revive Adserver where malicious content placed in the username could be executed when an admin views audit log details, due to missing output sanitisation. The issue is triggered by usernames being displayed in the audit log details ...

CVE-2026-44956

Revive Adserver (Revive Adserver) is affected by a stored XSS vector where an attacker’s Full Name, injected into system-generated emails stored in the userlog.details field, can execute JavaScript when an admin views the content via userlog-details.php. Root cause: missing output sanitisation in...

CVE-2026-44960

A stored XSS can be exploited by leveraging the usernames as an attack vector. When an admin user viewed the audit log details for affected entries, any malicious JavaScript payload embedded in the username would be executed due to missing output sanitisation. Proper escaping has been added to th...

CVE-2026-44961

The XML‑RPC API addUser method has a validation bypass introduced in the fix for CVE‑2025‑55129. As a result, API users could create usernames that enabled impersonation or stored XSS attacks. Proper validation has been added where it was missing...