6 matches found
CVE-2026-35169
LORIS Longitudinal Online Research and Imaging System is a self-hosted web application that provides data- and project-management for neuroimaging research. From to before 27.0.3 and 28.0.1, the helpeditor module of LORIS did not properly sanitize some user supplied variables which could result i...
CVE-2026-35169
LORIS Longitudinal Online Research and Imaging System is a self-hosted web application that provides data- and project-management for neuroimaging research. From to before 27.0.3 and 28.0.1, the helpeditor module of LORIS did not properly sanitize some user supplied variables which could result i...
CVE-2026-35169 LORIS has potential cross-site scripting in help_editor module
LORIS Longitudinal Online Research and Imaging System is a self-hosted web application that provides data- and project-management for neuroimaging research. From to before 27.0.3 and 28.0.1, the helpeditor module of LORIS did not properly sanitize some user supplied variables which could result i...
EUVD-2026-20574
LORIS Longitudinal Online Research and Imaging System is a self-hosted web application that provides data- and project-management for neuroimaging research. From to before 27.0.3 and 28.0.1, the helpeditor module of LORIS did not properly sanitize some user supplied variables which could result i...
LORIS Neuroimaging Platform 安全漏洞
LORIS Neuroimaging Platform is a neuroimaging platform open sourced by ACElab. Versions of LORIS Neuroimaging Platform prior to 27.0.3 and 28.0.1 contained security vulnerabilities. These vulnerabilities stemmed from the helpeditor module not properly cleaning user inputs, which could lead to...
PT-2026-31427
Name of the Vulnerable Software and Affected Versions LORIS versions prior to 27.0.3 and version 28.0.1 Description The LORIS application does not properly sanitize user-supplied variables within the help editor module, potentially leading to a reflected cross-site scripting attack if a user is...