5 matches found
CVE-2026-33609
Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees...
CVE-2026-33609 LDAP DN injection
Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees...
CVE-2026-33609 LDAP DN injection
Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees...
CVE-2026-40479 Kimai: Stored XSS via Incomplete HTML Attribute Escaping in Team Member Widget
Kimai is an open-source time tracking application. In versions 1.16.3 through 2.52.0, the escapeForHtml function in KimaiEscape.js does not escape double quote or single quote characters. When a user's profile alias is inserted into an HTML attribute context via the team member form prototype and...
CVE-2026-34483 Apache Tomcat: Incomplete escaping of JSON access logs
Improper Encoding or Escaping of Output vulnerability in the JsonAccessLogValve component of Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.20, from 10.1.0-M1 through 10.1.53, from 9.0.40 through 9.0.116. Users are recommended to upgrade to version 11.0.21, 10.1.54 o...