8 matches found

Cvelist
added 2026/06/23 8:35 p.m., 27 views

CVE-2026-47377 NocoDB: Open Redirect via Hash Fragment in hashRedirect Plugin

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the client-side hashRedirect plugin called window.location.replace on a path extracted from the URL hash fragment after only checking hashPath.startsWith('/'). Protocol-relative URLs //attacker.com/… also satisfy that...

CVSS 5.1, EPSS 0.00239
Exploits: 0, References: 1
CVE
added 2026/06/23 8:35 p.m., 22 views

CVE-2026-47377

NocoDB before 2026.04.1 is vulnerable to an open redirect via the client-side hashRedirect plugin. The plugin constructs a URL from the hash fragment and uses window.location.replace, and it accepts protocol-relative paths (e.g., //attacker.com/…), enabling silent redirection to attacker-controll...

CVSS 5.1, AI score 5.9, EPSS 0.00239
Exploits: 0, References: 1
OSV
added 2026/06/05 4:00 p.m., 8 views

GHSA-RVP5-9P55-F5RP NocoDB: Open Redirect via Hash Fragment in hashRedirect Plugin

Summary The client-side hashRedirect plugin called window.location.replace on a path extracted from the URL hash fragment after only checking hashPath.startsWith('/'). Protocol-relative URLs //attacker.com/… also satisfy that check, so a crafted link such as...

CVSS 5.1, AI score 5.5, EPSS 0.00239
Exploits: 0, References: 3
Github Security Blog
added 2026/06/05 4:00 p.m., 11 views

NocoDB: Open Redirect via Hash Fragment in hashRedirect Plugin

Summary The client-side hashRedirect plugin called window.location.replace on a path extracted from the URL hash fragment after only checking hashPath.startsWith('/'). Protocol-relative URLs //attacker.com/… also satisfy that check, so a crafted link such as...

CVSS 5.1, AI score 5.5, EPSS 0.00239
Exploits: 0, References: 3, Affected Software: 1
Positive Technologies
added 2026/06/05 12:00 a.m., 10 views

PT-2026-46995

Name of the Vulnerable Software and Affected Versions NocoDB versions prior to 2026.04.1 Description The client-side hashRedirect plugin in the packages/nc-gui/plugins/hashRedirect.client.ts file performs an insufficient check on paths extracted from the URL hash fragment. The plugin uses the...

CVSS 5.1, AI score 5.8, EPSS 0.00239
Exploits: 0, References: 7
Snyk
added 2026/04/22 12:08 a.m., 4 views

Authentication Bypass Using an Alternate Path or Channel

Overview Affected versions of this package are vulnerable to Authentication Bypass Using an Alternate Path or Channel in the processing of request paths containing a number sign or its encoded form %23 when using skipauthroutes or skipauthregex settings. An attacker can gain unauthorized access t...

CVSS 8.3, AI score 5.4, EPSS 0.00275
Exploits: 0, References: 2
CVE
added 2026/04/12 12:28 p.m., 9 views

CVE-2017-20239

MDwiki contains a cross-site scripting vulnerability reachable through the location hash parameter. The issue allows remote attackers to execute arbitrary JavaScript in the victim’s browser by crafting a URL with a malicious hash fragment that is parsed and rendered without sanitization. Document...

CVSS 6.1, AI score 6.1, EPSS 0.00266
Exploits: 1, References: 2, Affected Software: 1
Huntr
added 2021/09/15 6:00 a.m., 9 views

Cross-site Scripting (XSS) - DOM in zoujingli/thinkadmin

Description DOM based xss via url hash fragment Proof of Concept First log in to https://v6.thinkadmin.top and then visit https://v6.thinkadmin.top/admin.html#https://bbounty.000webhostapp.com/cors.php?id=xxxxx2 and see xss is executed Impact DOM based xss via url hash fragment...

AI score 1.3
Exploits: 0