4 matches found
EUVD-2026-36196
Yamcs is a mission control framework. Prior to versions 5.13.0 and 5.12.7, an LDAP injection vulnerability exists in org.yamcs.security.LdapAuthModule when constructing search filters. The username parameter is inserted directly into the LDAP filter without proper RFC 4515 escaping. Versions 5.13...
CVE-2026-46445
SOGo before 5.12.7, when PostgreSQL is used, allows SQL injection...
DEBIAN-CVE-2026-8496
A cross-site scripting XSS vulnerability exists in Alinto SOGo, version 5.12.7. A maliciously crafted ICS calendar invitation files allows arbitrary JavaScript execution within the authenticated SOGo webmail session. The issue occurs because SVG content embedded in the description field of an ICS...
PT-2024-22746 · Unknown · Relywp Coupon Affiliates
Name of the Vulnerable Software and Affected Versions: RelyWP Coupon Affiliates versions through 5.12.7 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. Recommendations: For versions throu...