12 matches found
CVE-2025-53839
DRACOON is a file sharing service, and the DRACOON Branding Service allows customers to customize their DRACOON interface with their brand. Versions of the DRACOON Branding Service prior to 2.10.0 are vulnerable to cross-site scripting. Improper neutralization of input from administrative users...
CVE-2025-53839
DRACOON is a file sharing service, and the DRACOON Branding Service allows customers to customize their DRACOON interface with their brand. Versions of the DRACOON Branding Service prior to 2.10.0 are vulnerable to cross-site scripting. Improper neutralization of input from administrative users...
CVE-2025-53839
CVE-2025-53839 affects DRACOON Branding Service (pre-2.10.0). The vulnerability is cross-site scripting caused by improper neutralization of input from administrative users, potentially injecting HTML into the workflow for newly onboarded users. A fix was made available in version 2.10.0 and roll...
CVE-2025-53839 DRACOON Branding Service vulnerable to Cross-site Scripting
DRACOON is a file sharing service, and the DRACOON Branding Service allows customers to customize their DRACOON interface with their brand. Versions of the DRACOON Branding Service prior to 2.10.0 are vulnerable to cross-site scripting. Improper neutralization of input from administrative users...
CVE-2025-53839 DRACOON Branding Service vulnerable to Cross-site Scripting
DRACOON is a file sharing service, and the DRACOON Branding Service allows customers to customize their DRACOON interface with their brand. Versions of the DRACOON Branding Service prior to 2.10.0 are vulnerable to cross-site scripting. Improper neutralization of input from administrative users...
CVE-2025-53839 DRACOON Branding Service vulnerable to Cross-site Scripting
DRACOON is a file sharing service, and the DRACOON Branding Service allows customers to customize their DRACOON interface with their brand. Versions of the DRACOON Branding Service prior to 2.10.0 are vulnerable to cross-site scripting. Improper neutralization of input from administrative users...
PT-2025-29525 · Racoon · Dracoon Branding Service
Name of the Vulnerable Software and Affected Versions: DRACOON Branding Service versions prior to 2.10.0 Description: DRACOON is a file sharing service, and the DRACOON Branding Service allows customers to customize their DRACOON interface. Versions prior to 2.10.0 are susceptible to cross-site...
DRACOON Branding Service 跨站脚本漏洞
DRACOON Branding Service is a branding customization software from DRACOON Germany. A cross-site scripting vulnerability exists in DRACOON Branding Service versions prior to 2.10.0 that stems from improper input neutralization and could lead to a cross-site scripting attack...
Malicious code in dracoon (npm)
This package runs commands in a pre-install script that exfils sensitive data to a attacker-controlled domain...
MAL-2025-1538 Malicious code in dracoon (npm)
This package runs commands in a pre-install script that exfils sensitive data to a attacker-controlled domain...
Dragoon 0.1 (lng) Local File Inclusion Vulnerability
Exploit for unknown platform in category web applications ==================================================== Dragoon 0.1 lng Local File Inclusion Vulnerability ==================================================== Script Name :Dragoon CMS Error : $cal'lng'=$GET'lng';...
Dragoon 0.1 - 'lng' Local File Inclusion
Script Name :Dragoon CMS Download : http://sourceforge.net/project/showfiles.php?groupid=118780 Error : $cal'lng'=$GET'lng'; include'../lang/'.$cal'lng'.'.php'; Vul Code : http://site/path/forum/kietu/libs/calendrier.php?callng=LFI milw0rm.com 2008-04-04...