CVE-2026-32986 Textpattern CMS 4.9.0: Second-Order XSS via Atom Feed Injection

Textpattern CMS version 4.9.0 contains a second-order cross-site scripting vulnerability that allows attackers to inject malicious scripts by exploiting improper sanitization of user-supplied input in Atom feed XML elements. Attackers can embed unescaped payloads in parameters such as category th...

Microsoft Edge (Chromium-Based) Spoofing And Security Feature Bypass Vulnerabilities - Mar24

Microsoft Edge Chromium-Based is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

Microsoft Edge is a web browser from the American company Microsoft that comes with systems after Windows 10. A security feature bypass vulnerability exists in Microsoft Edge Chromium-based, which can be exploited by an attacker to add malicious scripts to obtain sensitive information from the...

CVE-2023-41710

Open-Xchange App Suite CVE-2023-41710 concerns a cross-site scripting (XSS) vulnerability where user-defined script code was not properly sanitized when added to the DOM, potentially allowing attackers to entice users to execute code within a trusted domain. Affected product references include Op...

CVE-2009-1600

Apple Safari (PDF JavaScript security) is reported to execute DOM calls triggered by a javascript: URI in the target attribute of a form submit within an inline PDF, potentially bypassing Adobe Acrobat JavaScript restrictions on accessing the document object. This could enable remote attackers to...