Lucene search
+L

7 matches found

EUVD
EUVD
added 2026/07/01 12:33 a.m.8 views

EUVD-2026-40424

A stored cross-site scripting vulnerability was identified in GitHub Enterprise Server that allowed an authenticated attacker to execute arbitrary JavaScript in another user's browser by injecting a crafted payload into the title of a Discussion in the Q&A category...

6.3CVSS5.9AI score0.00184EPSS
Exploits0References5
NVD
NVD
added 2026/06/30 10:16 p.m.10 views

CVE-2026-10585

A stored cross-site scripting vulnerability was identified in GitHub Enterprise Server that allowed an authenticated attacker to execute arbitrary JavaScript in another user's browser by injecting a crafted payload into the title of a Discussion in the Q&A category. The...

6.3CVSS0.00184EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/06/30 9:39 p.m.7 views

CVE-2026-10585 Stored cross-site scripting vulnerability in GitHub Enterprise Server allowed arbitrary JavaScript execution via crafted Discussion titles in the Q&A category

A stored cross-site scripting vulnerability was identified in GitHub Enterprise Server that allowed an authenticated attacker to execute arbitrary JavaScript in another user's browser by injecting a crafted payload into the title of a Discussion in the Q&A category. The...

6.3CVSS6.1AI score0.00184EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/30 9:39 p.m.31 views

CVE-2026-10585 Stored cross-site scripting vulnerability in GitHub Enterprise Server allowed arbitrary JavaScript execution via crafted Discussion titles in the Q&A category

A stored cross-site scripting vulnerability was identified in GitHub Enterprise Server that allowed an authenticated attacker to execute arbitrary JavaScript in another user's browser by injecting a crafted payload into the title of a Discussion in the Q&A category. The...

6.3CVSS0.00184EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/02/05 11:52 p.m.9 views

CVE-2022-41938

Flarum is an open source discussion platform. Flarum's page title system allowed for page titles to be converted into HTML DOM nodes when pages were rendered. The change was made after v1.5 and was not noticed. This allowed an attacker to inject malicious HTML markup using a discussion title inpu...

9CVSS5.7AI score0.0068EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/11/19 12:0 a.m.6 views

CVE-2022-41938 Cross site scripting vulnerability with discussion titles in flarum

Flarum is an open source discussion platform. Flarum's page title system allowed for page titles to be converted into HTML DOM nodes when pages were rendered. The change was made after v1.5 and was not noticed. This allowed an attacker to inject malicious HTML markup using a discussion title inpu...

9CVSS8.7AI score0.0068EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/11/19 12:0 a.m.10 views

PT-2022-26169 · Flarum · Flarum

Name of the Vulnerable Software and Affected Versions: Flarum versions 1.5.0 through 1.6.1 Description: The issue arises from Flarum's page title system, which allowed page titles to be converted into HTML DOM nodes when pages were rendered. This enabled an attacker to inject malicious HTML marku...

9CVSS6.2AI score0.0068EPSS
Exploits0References8
Rows per page
Query Builder