Lucene search
+L

457 matches found

OSV
OSV
added 2026/05/25 8:16 p.m.12 views

UBUNTU-CVE-2026-48848

Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7 has insufficient HTML sanitization that could lead to Cascading Style Sheets CSS injection via an SVG document that has an animate element with the attributeName attribute...

7.2CVSS5.8AI score0.00388EPSS
Exploits0References7
OSV
OSV
added 2026/05/25 7:27 p.m.2 views

CVE-2026-48848

Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7 has insufficient HTML sanitization that could lead to Cascading Style Sheets CSS injection via an SVG document that has an animate element with the attributeName attribute...

7.2CVSS7AI score0.00388EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/05/25 7:27 p.m.10 views

CVE-2026-48848

Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7 has insufficient HTML sanitization that could lead to Cascading Style Sheets CSS injection via an SVG document that has an animate element with the attributeName attribute...

7.2CVSS5.8AI score0.00388EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/25 7:27 p.m.8 views

CVE-2026-48848

Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7 has insufficient HTML sanitization that could lead to Cascading Style Sheets CSS injection via an SVG document that has an animate element with the attributeName attribute...

7.2CVSS5.8AI score0.00388EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2026/05/25 7:27 p.m.16 views

EUVD-2026-31727

Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7 has insufficient HTML sanitization that could lead to Cascading Style Sheets CSS injection via an SVG document that has an animate element with the attributeName attribute...

7.2CVSS5.8AI score0.00388EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in ruby-rails-html-sanitizer

Rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Prior to version 1.4.4, certain configurations of Rails::Html::Sanitizer could potentially introduce XSS vulnerabilities. An attacker could inject content if the application developer overrides the sanitizer’...

7.2CVSS6.3AI score0.00988EPSS
Exploits1References1
NVD
NVD
added 2026/05/15 1:16 p.m.29 views

CVE-2026-41552

PDF Export Module used in DHTMLX's products Gantt and Scheduler is vulnerable to Path Traversal due to lack of HTML sanitization. An unauthenticated user could craft the html payload which could include local files from the server and display them in the generated PDF. This issue was fixed in PDF...

9.2CVSS0.00497EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/15 12:31 p.m.51 views

CVE-2026-41552 Path Traversal in PDF Export Module

PDF Export Module used in DHTMLX's products Gantt and Scheduler is vulnerable to Path Traversal due to lack of HTML sanitization. An unauthenticated user could craft the html payload which could include local files from the server and display them in the generated PDF. This issue was fixed in PDF...

9.2CVSS0.00497EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/15 12:31 p.m.19 views

EUVD-2026-30539

Diagram's export module is vulnerable to Path Traversal in src attribute due to lack of HTML sanitization. An unauthenticated user could craft the html payload which could include local files from the server and display them in the generated pdf. This issue was fixed in version 1.1.1...

9.2CVSS5.8AI score0.00397EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/12 1:56 p.m.7 views

CVE-2026-43939

YetAnotherForum.NET YAF.NET is a C ASP.NET forum. Prior to 4.0.5 and 3.2.12, the thread posting and reply feature accepts user-supplied content via a a post or reply that is stored server-side and later rendered back into the thread page without adequate HTML sanitization or contextual output...

7.3CVSS5.8AI score0.00199EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/05/11 5:32 p.m.23 views

CVE-2026-42857

Open edX Platform is affected by CVE-2026-42857 due to the HTML sanitizer in clean_thread_html_body() not removing tags from user-generated discussion content in email notifications. This allows enrolled students to inject arbitrary CSS into emails rendered with Django’s |safe template filter, e...

5.4CVSS5.9AI score0.0021EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2026/05/11 5:32 p.m.12 views

EUVD-2026-29165

Open edX Platform enables the authoring and delivery of online learning at any scale. The HTML sanitizer cleanthreadhtmlbody used for discussion notification emails fails to remove tags from user-generated discussion post content. This content is rendered with Django's |safe template filter in...

4.6CVSS5.9AI score0.0021EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/05/11 5:32 p.m.12 views

CVE-2026-42857 Open edX Platform: Stored CSS Injection in Email Notifications via Incomplete HTML Sanitization

Open edX Platform enables the authoring and delivery of online learning at any scale. The HTML sanitizer cleanthreadhtmlbody used for discussion notification emails fails to remove tags from user-generated discussion post content. This content is rendered with Django's |safe template filter in...

4.6CVSS5.9AI score0.0021EPSS
Exploits1References2
OSV
OSV
added 2026/05/11 5:32 p.m.4 views

CVE-2026-42857 Open edX Platform: Stored CSS Injection in Email Notifications via Incomplete HTML Sanitization

Open edX Platform enables the authoring and delivery of online learning at any scale. The HTML sanitizer cleanthreadhtmlbody used for discussion notification emails fails to remove tags from user-generated discussion post content. This content is rendered with Django's |safe template filter in...

4.6CVSS6AI score0.0021EPSS
Exploits1References4
EUVD
EUVD
added 2026/05/08 9:13 p.m.10 views

EUVD-2026-28831

Plunk is an open-source email platform built on top of AWS SES. Prior to version 0.9.0, a stored cross-site scripting XSS vulnerability exists in the campaign management feature, where the email body content created by authenticated project members is stored and later rendered in the admin...

5.4CVSS5.6AI score0.00176EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/06 10:11 p.m.10 views

Kyverno policy-reporter-ui has XSS via Stored Property Values in PropertyCard Component

Summary Vue 3's v-html directive is the framework-documented mechanism for injecting raw HTML, and it intentionally disables the auto-escaping that interpolation provides. The PropertyCard.vue component uses v-html for the else branch of the URL check, meaning any non-URL string value flows...

6.1CVSS6AI score0.00183EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2026/05/06 8:18 p.m.7 views

GHSA-F5P7-2C9Q-8896 phpMyFAQ has Stored XSS in FAQ Question/Answer via Encode-Decode Bypass of removeAttributes() Sanitization

Summary The FAQ creation and update endpoints in phpMyFAQ apply FILTERSANITIZESPECIALCHARS which HTML-encodes input, then immediately call htmlentitydecode which reverses the encoding, followed by Filter::removeAttributes which only strips HTML attributes — not tags. This allows , , , and tags to...

5.4CVSS6.1AI score0.00153EPSS
Exploits0References4
OSV
OSV
added 2026/05/05 9:27 p.m.4 views

GHSA-9695-8FR9-HW5Q Grav Vulnerable to Publisher-Level Stored XSS via Unquoted Event Attributes

Summary A stored Cross-Site Scripting XSS vulnerability in getgrav/grav allows publisher-level accounts to execute arbitrary JavaScript. The issue arises from a blacklist bypass in the detectXss function when handling unquoted HTML event attributes. Details The detectXss function relies on a...

8.5CVSS6.1AI score0.00238EPSS
Exploits1References4
OSV
OSV
added 2026/04/29 1:50 p.m.8 views

USN-8223-1 roundcube vulnerabilities

It was discovered that Roundcube Webmail mishandled Punycode xn-- domain names. An attacker could possibly use this issue to cause a homograph attack. CVE-2019-15237 It was discovered that Roundcube Webmail did not properly sanitize certain attributes when handling CSS within HTML messages and...

9.3CVSS7AI score0.5281EPSS
Exploits6References8
NVD
NVD
added 2026/04/27 4:16 p.m.8 views

CVE-2026-41466

ProjeQtor versions 7.0 through 12.4.3 contain a stored cross-site scripting vulnerability in the checkValidHtmlText function within Security.php that fails to properly sanitize user input by only detecting specific patterns while returning unsanitized strings without output encoding. Attackers ca...

5.4CVSS0.00184EPSS
Exploits0References4
Rows per page
Query Builder