Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:33 p.m.8 views

CVE-2026-27694

Traccar is an open source GPS tracking system. In org.traccar:traccar versions starting at 6.11.1 before 6.13.0, the email notification templates insert user-controlled device, geofence, and driver names into HTML email output without proper escaping. An attacker with low privileges can store...

5.4CVSS5.5AI score0.00162EPSS
Exploits1References1
NVD
NVD
added 2026/05/05 1:16 p.m.12 views

CVE-2026-27694

Traccar is an open source GPS tracking system. In org.traccar:traccar versions starting at 6.11.1 before 6.13.0, the email notification templates insert user-controlled device, geofence, and driver names into HTML email output without proper escaping. An attacker with low privileges can store...

5.4CVSS0.00162EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/05/05 12:20 p.m.7 views

CVE-2026-27694 traccar allows stored HTML injection in notification emails

Traccar is an open source GPS tracking system. In org.traccar:traccar versions starting at 6.11.1 before 6.13.0, the email notification templates insert user-controlled device, geofence, and driver names into HTML email output without proper escaping. An attacker with low privileges can store...

5.4CVSS5.8AI score0.00162EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/05 12:20 p.m.3 views

CVE-2026-27694

Traccar is an open source GPS tracking system. In org.traccar:traccar versions starting at 6.11.1 before 6.13.0, the email notification templates insert user-controlled device, geofence, and driver names into HTML email output without proper escaping. An attacker with low privileges can store...

5.4CVSS5.8AI score0.00162EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder