EUVD-2026-31507

NukeViet CMS is a multi Content Management System. Versions 4.5.07 and prior contain a Stored Cross-Site Scripting XSS vulnerability caused by insufficient server-side input sanitization in the Request class. The application relies primarily on client-side filtering to sanitize HTML tags and...

CVE-2026-42239

Budibase is an open-source low-code platform. Prior to version 3.35.10, the budibase:auth cookie containing the JWT session token is set with httpOnly: false at packages/backend-core/src/utils/utils.ts:218. JavaScript can read this cookie via document.cookie. This means every XSS becomes a full...

CVE-2026-42239 Budibase auth session cookies are set with httpOnly:false — any XSS can lead to full account takeover

Budibase is an open-source low-code platform. Prior to version 3.35.10, the budibase:auth cookie containing the JWT session token is set with httpOnly: false at packages/backend-core/src/utils/utils.ts:218. JavaScript can read this cookie via document.cookie. This means every XSS becomes a full...

CVE-2026-42239 Budibase auth session cookies are set with httpOnly:false — any XSS can lead to full account takeover

Budibase is an open-source low-code platform. Prior to version 3.35.10, the budibase:auth cookie containing the JWT session token is set with httpOnly: false at packages/backend-core/src/utils/utils.ts:218. JavaScript can read this cookie via document.cookie. This means every XSS becomes a full...

xsslab

Dalfox XSS Lab Stored XSS / second-order XSS laboratory for i...

CVE-2025-10503

The authentication endpoint accepts user-supplied input without enforcing expected validation constraints, leading to a lack of proper output encoding. This allows for the injection of malicious JavaScript payloads, enabling reflected cross-site scripting. An attacker can leverage this...

CVE-2025-10503

The authentication endpoint accepts user-supplied input without enforcing expected validation constraints, leading to a lack of proper output encoding. This allows for the injection of malicious JavaScript payloads, enabling reflected cross-site scripting. An attacker can leverage this...

CVE-2025-10503

WSO2 Identity Server: CVE-2025-10503 is a reflected cross-site scripting flaw in the authentication endpoint caused by insufficient output encoding for user-supplied input. This allows injection of malicious JavaScript payloads that can redirect users, alter the UI, or retrieve information from t...

PT-2026-35879

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description The authentication endpoint accepts user-supplied input without enforcing expected validation constraints, leading to a lack of proper output encoding. This allo...

GHSA-4F9J-VR4P-642R Budibase auth session cookies are set with httpOnly:false — any XSS can lead to full account takeover

Summary The budibase:auth cookie containing the JWT session token is set with httpOnly: false at packages/backend-core/src/utils/utils.ts:218. JavaScript can read this cookie via document.cookie. Given that Budibase has had XSS vulnerabilities GHSA-gp5x-2v54-v2q5 — stored XSS via unsanitized enti...

PT-2026-37181

Name of the Vulnerable Software and Affected Versions Budibase versions prior to 3.35.10 Description The budibase:auth cookie, which contains the JWT session token, is configured with httpOnly: false in the packages/backend-core/src/utils/utils.ts file. This allows JavaScript to access the cookie...

CVE-2026-34403

CVE-2026-34403 : Nginx-UI before 2.3.5 suffers Cross‑Site WebSocket Hijacking (CSWSH) due to an unsafe WebSocket upgrader that unconditionally sets CheckOrigin to true across all endpoints, enabling authenticated WebSocket connections from attacker‑controlled pages. Token authentication is stored...

CVE-2024-4867

The WSO2 API Manager developer portal accepts user-supplied input without enforcing expected validation constraints or proper output encoding. This deficiency allows a malicious actor to inject script content that is executed within the context of a user's browser. By leveraging this cross-site...

CVE-2024-10242

The CVE-2024-10242 entry describes a reflected cross-site scripting vulnerability in the authentication endpoint of WSO2 API Manager. The flaw stems from inadequate validation of user-supplied input that is reflected in the response, enabling an attacker to inject script payloads that execute in ...

CVE-2024-10242

The authentication endpoint fails to adequately validate user-supplied input before reflecting it back in the response. This allows an attacker to inject malicious script payloads into the input parameters, which are then executed by the victim's browser. Successful exploitation can enable an...

CVE-2026-22322

A stored cross‑site scripting XSS vulnerability in the Link Aggregation configuration interface allows an unauthenticated remote attacker to create a trunk entry containing malicious HTML/JavaScript code. When the affected page is viewed, the injected script executes in the context of the victim’...

Siemens SIMATIC S7-1500 Sensitive Cookie Without 'HttpOnly' Flag (CVE-2025-38477)

In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: Fix race condition on qfqaggregate A race condition can occur when 'agg' is modified in qfqchangeagg called during qfqenqueue while other threads access it concurrently. For example, qfqdumpclass may trigger a...

CVE-2026-22322

A stored cross‑site scripting XSS vulnerability in the Link Aggregation configuration interface allows an unauthenticated remote attacker to create a trunk entry containing malicious HTML/JavaScript code. When the affected page is viewed, the injected script executes in the context of the victim’...

EUVD-2026-11387

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.1, stored cross-site scripting XSS in the Graphical Pain Map "clickmap" form allows any authenticated clinician to inject arbitrary JavaScript that executes in the browser of...

Sensitive Cookie Without "HttpOnly" Flag

Overview Affected versions of this package are vulnerable to Sensitive Cookie Without "HttpOnly" Flag via the comment field in the custom rules process. An attacker can execute arbitrary JavaScript in the context of the WebUI by submitting crafted input that is stored by the backend and rendered...