5 matches found
UBUNTU-CVE-2026-57214
RabbitMQ is a messaging and streaming broker. Prior to 4.2.5, the RabbitMQ management UI renders the x-internal-purpose queue or exchange argument into an HTML title attribute without proper escaping on the Queues and Exchanges pages, allowing a user with permission to declare a queue or exchange...
CVE-2026-43874 WWBN AVideo: Incomplete Fix for YPTSocket autoEvalCodeOnHTML Strip: Unauthenticated Cross-User JavaScript Execution via `$msg['json']` Relay Bypass
WWBN AVideo is an open source video platform. In versions up to and including 29.0, the server-side mitigation for the YPTSocket autoEvalCodeOnHTML eval sink from CVE-2026-40911 only strips the payload when it sits under $json'msg', but the relay function msgToResourceId selects the outbound...
CVE-2026-40911 WWBN AVideo YPTSocket WebSocket Broadcast Relay Leads to Unauthenticated Cross-User JavaScript Execution via Client-Side eval() Sinks
WWBN AVideo is an open source video platform. In versions 29.0 and prior, the YPTSocket plugin's WebSocket server relays attacker-supplied JSON message bodies to every connected client without sanitizing the msg or callback fields. On the client side, plugin/YPTSocket/script.js contains two eval...
CVE-2026-23960 Argo Workflows affected by stored XSS in the artifact directory listing
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Prior to versions 3.6.17 and 3.7.8, stored XSS in the artifact directory listing allows any workflow author to execute arbitrary JavaScript in another user’s browser under the Argo...
CVE-2026-23960
CVE-2026-23960 affects Argo Workflows prior to versions 3.6.17 and 3.7.8. A stored XSS vulnerability in the artifact directory listing can cause arbitrary JavaScript to run in another user’s browser within the Argo Server origin, enabling actions with the victim’s privileges. Affected component: ...