2 matches found
CVE-2026-11126
CVE-2026-11126 : Concrete details show an issue in Chromium-based Chrome DevTools. An attacker could leak cross-origin data by convincing a user to install a malicious Chrome extension. Affected software/version: Google Chrome/Chromium prior to 149.0.7827.53. The Debian advisory fixes this in chr...
CVE-2025-31487 The XWiki JIRA extension allows data leak through an XXE attack by using a fake JIRA server
The XWiki JIRA extension provides various integration points between XWiki and JIRA macros, UI, CKEditor plugin. If the JIRA macro is installed, any logged in XWiki user could edit his/her user profile wiki page and use that JIRA macro, specifying a fake JIRA URL that returns an XML specifying a...