16 matches found
EUVD-2026-32524
Agent Zero before version 1.15 contains a stored cross-site scripting vulnerability that allows attackers to execute arbitrary JavaScript in the application origin by serving SVG files through the imageget API endpoint without Content-Security-Policy, X-Content-Type-Options, or Content-Dispositio...
FreeScout security vulnerability
FreeScout is a lightweight and powerful free open-source help desk and shared inbox built using the PHP Laravel framework by FreeScout Inc. Versions of FreeScout prior to 1.8.213 contained security vulnerabilities. These vulnerabilities stemmed from the Helper::stripDangerousTags function not removin...
PT-2026-33912
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, FreeScout's Helper::stripDangerousTags removes , , , but does NOT strip tags. The mailbox signature field is saved via POST /mailbox/settings/id and later rendered unescaped via !!...
CVE-2026-24037 Horilla HRM has XSS Bypass through Project Name
Horilla is a free and open source Human Resource Management System (HRMS). In version 1.4.0, the has_xss function attempts to block XSS by matching input against a set of regex patterns. However, the regexes are incomplete and context-agnostic, making them easy to bypass. Attackers are able to...
CVE-2026-24037
Horilla HRMS has_XSS bypass in version 1.4.0 due to incomplete, context-agnostic regex filtering in has_xss(), enabling attackers to redirect users, run external JavaScript, and steal CSRF tokens for admin-targeted CSRF attacks. The issue is fixed in version 1.5.0. Affected: Horilla 1.4.x → fixed...
PT-2026-3913
Name of the Vulnerable Software and Affected Versions: Horilla versions prior to 1.5.0. Description: Horilla is a Human Resource Management System (HRMS). The has_xss function in version 1.4.0 attempts to prevent Cross-Site Scripting (XSS) by using regular expressions to filter input. However, these...
linkding security vulnerability
linkding is a bookmark manager by the individual developer Sascha Ißbrücker that can be self-hosted. A security vulnerability exists in linkding that stems from the file upload feature in the bookmark and asset rendering pipeline, which allows the upload of malicious SVG files containing JavaScrip...
CVE-2025-14202 Cross-Site Request Forgery (CSRF) Leading to Account Takeover via SVG File Upload
A vulnerability in the bookmark file upload and asset rendering pipeline allows an attacker to upload a malicious SVG file with JavaScript content. When an authenticated admin user views the shared bookmark's SVG file with embedded JavaScript code, the JavaScript executes in the admin's browser,...
EUVD-2018-5344
Malware in sbrugna...
CVE-2021-44082
textpattern 4.8.7 is vulnerable to Cross Site Scripting (XSS) via /textpattern/index.php,Body. A remote and unauthenticated attacker can use XSS to trigger remote code execution by uploading a webshell. To do so they must first steal the CSRF token before submitting a file upload request...
Exploit for Cross-site Scripting in Salesagility Suitecrm
CVE-2024-50335: Authenticated XSS in "Publish Key" Field Allow...
CVE-2024-31503
Incorrect access control in Dolibarr ERP CRM versions 19.0.0 and before, allows authenticated attackers to steal victim users' session cookies and CSRF protection tokens via user interaction with a crafted web page, leading to account takeover...
CVE-2021-44082
textpattern 4.8.7 is vulnerable to Cross Site Scripting (XSS) via /textpattern/index.php,Body. A remote and unauthenticated attacker can use XSS to trigger remote code execution by uploading a webshell. To do so they must first steal the CSRF token before submitting a file upload request...
Mail.ru: Bypassing SOP with XSS on account.my.games leading to steal CSRF token and user information
Incorrect CORS settings on account.my.games allowed access to user information (registration IP, email, username, birthday, profile visibility) from .my.com. Vulnerability demonstrated by XSS at warofdragons.my.games...
CSRF token theft through referrer headers - CVE-2021-39126
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to modify various resources via a Cross-Site Request Forgery (CSRF) vulnerability, following an Information Disclosure vulnerability in the referrer headers which discloses a user's CSRF token. The affected versions a...
IP Board 3.x CSRF Token Theft
Title: IP Board 3.x CSRF - Token hijacking. Date: 03.09.14. Version: = 3.4.6. Vendor: invisionpower.com. Author: Piotr S. Video-PoC: https://www.youtube.com/watch?v=G5P21TA4DjY. 1 Introduction: The latest and probably previous IPB versions suffer from a vulnerability which allows an attacker to steal the CSRF token...