
5 matches found

EUVD
added yesterday, 10 views

EUVD-2026-33278

Mautic has an Authorization Bypass in API v2 Endpoints...

CVSS: 7.1 | AI score: 5.8 | EPSS: 0.00201
Exploits: 0 | References: 2

Snyk
added 2026/05/29 1:18 p.m., 6 views

Incorrect Authorization

Overview: mautic/plugin-focus is a Focus Plugin. Affected versions of this package are vulnerable to Incorrect Authorization in the enforcement of owner-scope permissions such as viewown or editown. An attacker can gain unauthorized access or modify resources belonging to other users by exploiting...

CVSS: 7.1 | AI score: 5.8 | EPSS: 0.00201
Exploits: 0 | References: 2

Huntr
added 2023/06/18 3:33 a.m., 8 views

Stored XSS on user "Edit own profile" function

Description: An attacker can inject malicious executable scripts into the code of the Social media field. Proof of Concept: Log in as a Member user, access My profile - Edit own profile function, insert this payload to any field " autofocus onfocus=promptdocument.domain then click Save. Access the...

AI score: 7
Exploits: 0

OSV
added 2020/05/06 4:52 p.m., 5 views

DRUPAL-CONTRIB-2020-014

This module enables you to build forms and surveys in Drupal. The module doesn't sufficiently filter user input in the scenario when a webform is edited, namely the message related to the character min/max counter does not undergo sufficient filtering and thus allows execution of JavaScript cod...

AI score: 7
Exploits: 0 | References: 1

OSV
added 2020/05/06 4:43 p.m., 3 views

DRUPAL-CONTRIB-2020-011

This module enables you to build forms and surveys in Drupal. The module doesn't sufficiently filter webform element properties attributes under the scenario of editing a webform. A malicious user could craft such an attribute, element\validate for example, that would invoke execution of undesired P...

AI score: 6.8
Exploits: 0 | References: 1