Lucene search
K

897 matches found

EUVD
EUVD
added 5 days ago6 views

EUVD-2025-210428

The software accepts user-supplied input via a URL parameter without adequate output encoding before reflecting it back to the user's browser. This condition allows an attacker to inject malicious script content into pages served by the application. By leveraging this weakness, an attacker can...

6.1CVSS6AI score0.00161EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 5 days ago5 views

CVE-2025-8591

The software accepts user-supplied input via a URL parameter without adequate output encoding before reflecting it back to the user's browser. This condition allows an attacker to inject malicious script content into pages served by the application. By leveraging this weakness, an attacker can...

6.1CVSS6AI score0.00161EPSS
Exploits0References2Affected Software8
NVD
NVD
added 2026/07/03 11:16 a.m.10 views

CVE-2026-10054

In affected versions of Eclipse Theia 1.8.1 and later, the browser backend exposes privileged terminal RPC over WebSocket /services/shell-terminal, /services/terminals/:id without service-level authentication. WebSocket origin validation in @theia/core is fail-open: connections are accepted when...

8.8CVSS0.00159EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/29 7:29 p.m.5 views

Sensitive Cookie Without "HttpOnly" Flag

Overview Affected versions of this package are vulnerable to Sensitive Cookie Without "HttpOnly" Flag via missing HttpOnly and Secure attributes on the pinpointJwt session cookie. An attacker can access session tokens by exploiting stored or reflected cross-site scripting to exfiltrate the cookie...

7.6CVSS5.9AI score0.00126EPSS
Exploits0References2
NVD
NVD
added 2026/06/29 6:16 p.m.11 views

CVE-2026-57948

Pinpoint through version 3.1.0 contains an insecure session management vulnerability that allows attackers to access the pinpointJwt session cookie due to missing HttpOnly and Secure attributes, enabling JavaScript access via document.cookie and cleartext transmission over HTTP. Attackers can...

7.6CVSS0.00126EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Ceph

A flaw was discovered in Red Hat Ceph Storage 4, within the Dashboard component. In response to CVE-2020-27839, the JWT token was moved from localStorage to an httpOnly cookie. However, token cookies are used in the body of the HTTP response for documentation purposes, which again exposes them to...

6.1CVSS6.7AI score0.017EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:42 p.m.10 views

CVE-2025-6024

The authentication endpoint fails to encode user-supplied input before rendering it in the web page, allowing for script injection. An attacker can leverage this by injecting malicious scripts into the authentication endpoint. This can result in the user's browser being redirected to a malicious...

6.1CVSS5.5AI score0.0023EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 6:48 p.m.8 views

CVE-2024-4867

The WSO2 API Manager developer portal accepts user-supplied input without enforcing expected validation constraints or proper output encoding. This deficiency allows a malicious actor to inject script content that is executed within the context of a user's browser. By leveraging this cross-site...

5.4CVSS5.2AI score0.00195EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/22 9:45 p.m.10 views

CVE-2026-41147

NukeViet CMS is a multi Content Management System. Versions 4.5.07 and prior contain a Stored Cross-Site Scripting XSS vulnerability caused by insufficient server-side input sanitization in the Request class. The application relies primarily on client-side filtering to sanitize HTML tags and...

8.7CVSS5.8AI score0.00349EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/05/22 9:45 p.m.30 views

CVE-2026-41147

CVE-2026-41147 (NukeViet CMS) is a stored XSS issue affecting NukeViet CMS versions up to 4.5.08, caused by insufficient server-side input sanitization in the Request class. The app relies on client-side filtering for user-submitted HTML, which can be bypassed by altering HTTP requests. Attackers...

8.7CVSS5.8AI score0.00349EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/15 4:45 p.m.9 views

Cross-site Scripting (XSS)

Overview nukeviet/nukeviet is a the first opensource CMS in Vietnam. Affected versions of this package are vulnerable to Cross-site Scripting XSS via insufficient server-side input sanitization in the Request class. An attacker can execute arbitrary scripts in the context of another user's browse...

8.7CVSS5.8AI score0.00349EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/07 6:49 p.m.6 views

CVE-2026-42239

Budibase is an open-source low-code platform. Prior to version 3.35.10, the budibase:auth cookie containing the JWT session token is set with httpOnly: false at packages/backend-core/src/utils/utils.ts:218. JavaScript can read this cookie via document.cookie. This means every XSS becomes a full...

8.1CVSS5.8AI score0.00283EPSS
Exploits1References3Affected Software1
EUVD
EUVD
added 2026/05/07 6:49 p.m.8 views

EUVD-2026-28429

Budibase is an open-source low-code platform. Prior to version 3.35.10, the budibase:auth cookie containing the JWT session token is set with httpOnly: false at packages/backend-core/src/utils/utils.ts:218. JavaScript can read this cookie via document.cookie. This means every XSS becomes a full...

8.1CVSS5.8AI score0.00283EPSS
Exploits1References2
CVE
CVE
added 2026/05/07 6:49 p.m.26 views

CVE-2026-42239

Budibase (backend-core, budibase:auth cookie) is affected prior to version 3.35.10. The issue is that the budibase:auth cookie is set HTTPOnly: false, lacks secure: true and sameSite, allowing access to the JWT session token via document.cookie. This enables any XSS to escalate to full account ta...

8.1CVSS5.8AI score0.00283EPSS
Exploits1References2Affected Software1
Snyk
Snyk
added 2026/04/24 4:18 p.m.40 views

Sensitive Cookie Without "HttpOnly" Flag

Overview @budibase/backend-core is a Budibase backend core libraries used in server and worker Affected versions of this package are vulnerable to Sensitive Cookie Without "HttpOnly" Flag via the set function in the cookie handling process. An attacker can gain unauthorized access to user account...

8.4CVSS5.5AI score0.00283EPSS
Exploits1References2
GitLab Advisory Database
GitLab Advisory Database
added 2026/04/21 12:0 a.m.30 views

Nginx-UI: Cross-Site WebSocket Hijacking (CSWSH) via missing origin validation on all WebSocket endpoints

All WebSocket endpoints in nginx-ui use a gorilla/websocket Upgrader with CheckOrigin unconditionally returning true, allowing Cross-Site WebSocket Hijacking CSWSH. Combined with the fact that authentication tokens are stored in browser cookies set via JavaScript without HttpOnly or explicit...

8.1CVSS5.8AI score0.00176EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2026/04/20 9:16 p.m.4 views

CVE-2026-34403

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.5, all WebSocket endpoints in nginx-ui use a gorilla/websocket Upgrader with CheckOrigin unconditionally returning true, allowing Cross-Site WebSocket Hijacking CSWSH. Combined with the fact that authentication tokens...

8.1CVSS0.00176EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/04/20 8:16 p.m.5 views

CVE-2026-34403

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.5, all WebSocket endpoints in nginx-ui use a gorilla/websocket Upgrader with CheckOrigin unconditionally returning true, allowing Cross-Site WebSocket Hijacking CSWSH. Combined with the fact that authentication tokens...

6.9CVSS5.7AI score0.00176EPSS
Exploits1References3Affected Software1
EUVD
EUVD
added 2026/04/16 12:31 p.m.6 views

EUVD-2024-55547

The WSO2 API Manager developer portal accepts user-supplied input without enforcing expected validation constraints or proper output encoding. This deficiency allows a malicious actor to inject script content that is executed within the context of a user's browser. By leveraging this cross-site...

5.4CVSS5.7AI score0.00195EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/16 12:31 p.m.6 views

EUVD-2025-209497

The authentication endpoint fails to encode user-supplied input before rendering it in the web page, allowing for script injection. An attacker can leverage this by injecting malicious scripts into the authentication endpoint. This can result in the user's browser being redirected to a malicious...

6.1CVSS5.7AI score0.0023EPSS
Exploits0References2
Rows per page
Query Builder