SUSE CVE-2026-27616

Vikunja is an open-source self-hosted task management platform. Prior to version 2.0.0, the application allows users to upload SVG files as task attachments. SVG is an XML-based format that supports JavaScript execution through elements such as tags or event handlers like onload. The application...

CVE-2025-52650

Inline script execution allowed in CSP vulnerability has been identified in HCL AION v2.0...

CVE-2025-52650

Inline script execution allowed in CSP vulnerability has been identified in HCL AION v2.0...

CVE-2025-52650 HCL AION is susceptible to Inline script execution allowed in CSP vulnerability

Inline script execution allowed in CSP vulnerability has been identified in HCL AION v2.0...

EUVD-2025-33691

Inline script execution allowed in CSP vulnerability has been identified in HCL AION v2.0...

CVE-2025-52650

CVE-2025-52650 – HCL AION v2.0 : A CSP-related issue allows inline script execution due to improper CSP enforcement in HCL AION version 2.0. The root cause is CSP misconfiguration that fails to block inline scripts, enabling potential script injection within the application. Documented sources (P...

PT-2025-41540

Name of the Vulnerable Software and Affected Versions HCL AION version 2.0 Description An issue exists in HCL AION version 2.0 related to Content Security Policy CSP enforcement. Improper CSP configuration allows for the execution of inline scripts, which should be blocked. This enables an attack...

EUVD-2021-2423

Malware in sbrugna...