Lucene search
K

14 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 6:25 a.m.5 views

CVE-2024-50810

hopetree izone lts c011b48 contains a Cross Site Scripting XSS vulnerability in the article comment function. In \apps\comment\views.py, AddCommintView does not securely filter user input and renders it directly to the frontend page through templates...

5.4CVSS5.9AI score0.00218EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:25 a.m.7 views

CVE-2024-50811

hopetree izone lts c011b48 contains a server-side request forgery SSRF vulnerability in the active push function as \\apps\\tool\\apis\\bdpush.py does not securely filter user input through pushurls and geturls...

9.1CVSS7AI score0.00354EPSS
Exploits0References1
OSV
OSV
added 2024/11/08 7:15 p.m.4 views

CVE-2024-50811

hopetree izone lts c011b48 contains a server-side request forgery SSRF vulnerability in the active push function as \apps\tool\apis\bdpush.py does not securely filter user input through pushurls and geturls...

9.1CVSS5.8AI score0.00354EPSS
Exploits0References1
NVD
NVD
added 2024/11/08 7:15 p.m.25 views

CVE-2024-50811

hopetree izone lts c011b48 contains a server-side request forgery SSRF vulnerability in the active push function as \apps\tool\apis\bdpush.py does not securely filter user input through pushurls and geturls...

9.1CVSS0.00354EPSS
Exploits0References1
NVD
NVD
added 2024/11/08 7:15 p.m.11 views

CVE-2024-50810

hopetree izone lts c011b48 contains a Cross Site Scripting XSS vulnerability in the article comment function. In \apps\comment\views.py, AddCommintView does not securely filter user input and renders it directly to the frontend page through templates...

5.4CVSS0.00218EPSS
Exploits0References1
CVE
CVE
added 2024/11/08 12:0 a.m.35 views

CVE-2024-50810

CVE-2024-50810 affects hopetree izone lts (version c011b48). The vulnerability is a Cross Site Scripting (XSS) in the article comment function, caused by AddCommintView() not properly filtering user input and rendering it directly via templates in apps/comment/views.py. This can allow attacker-co...

5.4CVSS5.9AI score0.00218EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/08 12:0 a.m.19 views

CVE-2024-50811

hopetree izone lts c011b48 contains a server-side request forgery SSRF vulnerability in the active push function as \apps\tool\apis\bdpush.py does not securely filter user input through pushurls and geturls...

0.00354EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/08 12:0 a.m.4 views

PT-2024-34419 · Unknown · Hopetree Izone Lts

Name of the Vulnerable Software and Affected Versions: hopetree izone lts version c011b48 Description: The issue is related to a Cross Site Scripting XSS vulnerability in the article comment function. Specifically, the AddCommintView function in appscommentviews.py does not securely filter user...

5.4CVSS5.6AI score0.00218EPSS
Exploits0References6
CVE
CVE
added 2024/11/08 12:0 a.m.72 views

CVE-2024-50811

The CVE-2024-50811 entry concerns hopetree izone lts, version c011b48, which contains a server-side request forgery (SSRF) in the active push function. The vulnerability is caused by inadequate input filtering in the internal functions push_urls() and get_urls() within apps/tool/apis/bd_push.py, ...

9.1CVSS7AI score0.00354EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/08 12:0 a.m.7 views

CVE-2024-50810

hopetree izone lts c011b48 contains a Cross Site Scripting XSS vulnerability in the article comment function. In \apps\comment\views.py, AddCommintView does not securely filter user input and renders it directly to the frontend page through templates...

5.9AI score0.00218EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/08 12:0 a.m.15 views

CVE-2024-50810

hopetree izone lts c011b48 contains a Cross Site Scripting XSS vulnerability in the article comment function. In \apps\comment\views.py, AddCommintView does not securely filter user input and renders it directly to the frontend page through templates...

0.00218EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/08 12:0 a.m.4 views

izone 安全漏洞

izone is a Django-based blogging project by the individual developer of Hopetree. A security vulnerability exists in izone, which stems from the pushurls and geturls functions in apps oolapisdpush.py containing a server-side request forgery...

9.1CVSS6.8AI score0.00354EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/08 12:0 a.m.5 views

izone 安全漏洞

izone is a Django-based blogging project by the individual developer of Hopetree. A security vulnerability exists in izone, which stems from the AddCommintView function in appscommentviews.py contains a cross-site scripting XSS vulnerability...

5.4CVSS5.9AI score0.00218EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/08 12:0 a.m.10 views

CVE-2024-50811

hopetree izone lts c011b48 contains a server-side request forgery SSRF vulnerability in the active push function as \apps\tool\apis\bdpush.py does not securely filter user input through pushurls and geturls...

7AI score0.00354EPSS
Exploits0References1
Rows per page
Query Builder