2 matches found
CVE-2026-38579
Multiple reflected Cross-Site Scripting XSS vulnerabilities in damasac thaipalliativelte through version 3.0 allow remote attackers to inject arbitrary web script or HTML via the idFormMain parameter line 24, the id parameter lines 25, 75, and the ptidkey parameter lines 26, 42 in...
PT-2024-26126 · Oceanic · Oceanic
Name of the Vulnerable Software and Affected Versions: Oceanic versions prior to 1.10.4 Description: The issue arises from the lack of url-encoding for input to certain functions, such as Client.rest.channels.removeBan. This allows specially crafted input, like ../../../channels/id, to be...