Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

NVD
NVDadded 2026/05/15 10:16 p.m.6 views

CVE-2026-45303

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.5, through the HTML rendering view, scripts can be injected and executed. The frontend provides a function to visualize the HTML content of a current chat. The content is embedded in an...

7.7CVSS0.00036EPSS
Exploits1References1
NVD
NVDadded 2025/11/11 1:15 a.m.4 views

CVE-2025-42893

Due to an Open Redirect vulnerability in SAP Business Connector, an unauthenticated attacker could craft a malicious URL that, if accessed by a victim, redirects them to an attacker-controlled site displayed within an embedded frame. Successful exploitation could allow the attacker to steal...

6.1CVSS0.00088EPSS
Exploits0References2
CVE
CVEadded 2025/11/11 12:17 a.m.7 views

CVE-2025-42893

The CVE-2025-42893 issue is an Open Redirect in SAP Business Connector. An unauthenticated attacker can craft a URL that, when visited by a victim, redirects to an attacker-controlled site displayed in an embedded frame. This can lead to disclosure of sensitive information and unauthorized action...

6.1CVSS6.1AI score0.00088EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded 2025/11/11 12:17 a.m.2 views

CVE-2025-42893 Open Redirect vulnerability in SAP Business Connector

Due to an Open Redirect vulnerability in SAP Business Connector, an unauthenticated attacker could craft a malicious URL that, if accessed by a victim, redirects them to an attacker-controlled site displayed within an embedded frame. Successful exploitation could allow the attacker to steal...

6.1CVSS6AI score0.00088EPSS
Exploits0References2
Prion
Prionadded 2009/04/22 6:30 p.m.23 views

Code injection

Mozilla Firefox before 3.0.9 and SeaMonkey before 1.1.17 allow user-assisted remote attackers to obtain sensitive information via a web page with an embedded frame, which causes POST data from an outer page to be sent to the inner frame's URL during a SAVEMODEFILEONLY save of the inner frame...

4.3CVSS6.5AI score0.01175EPSS
Exploits1References28Affected Software2
Cvelist
Cvelistadded 2009/04/22 6:0 p.m.21 views

CVE-2009-1311

Mozilla Firefox before 3.0.9 and SeaMonkey before 1.1.17 allow user-assisted remote attackers to obtain sensitive information via a web page with an embedded frame, which causes POST data from an outer page to be sent to the inner frame's URL during a SAVEMODEFILEONLY save of the inner frame...

7.4AI score0.01175EPSS
Exploits1References28
RedHat Linux
RedHat Linuxadded 2009/04/21 11:44 p.m.3 views

Firefox POST data sent to wrong site when saving web page with embedded frame

Mozilla Firefox before 3.0.9 and SeaMonkey before 1.1.17 allow user-assisted remote attackers to obtain sensitive information via a web page with an embedded frame, which causes POST data from an outer page to be sent to the inner frame's URL during a SAVEMODEFILEONLY save of the inner frame...

4.3CVSS7.4AI score0.01175EPSS
Exploits1References4
Rows per page
Query Builder