Lucene search
K

6 matches found

EUVD
EUVD
added 2025/10/07 9:30 a.m.6 views

EUVD-2025-32704

A vulnerability was detected in jakowenko double-take up to 1.13.1. The impacted element is the function app.use of the file api/src/app.js of the component API. The manipulation of the argument X-Ingress-Path results in cross site scripting. The attack can be executed remotely. Upgrading to...

5.3CVSS5.5AI score0.00321EPSS
Exploits0References6
NVD
NVD
added 2025/10/07 9:15 a.m.5 views

CVE-2025-11360

A vulnerability was detected in jakowenko double-take up to 1.13.1. The impacted element is the function app.use of the file api/src/app.js of the component API. The manipulation of the argument X-Ingress-Path results in cross site scripting. The attack can be executed remotely. Upgrading to...

5.3CVSS0.00321EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/10/07 9:2 a.m.5 views

CVE-2025-11360 jakowenko double-take API app.js app.use cross site scripting

A vulnerability was detected in jakowenko double-take up to 1.13.1. The impacted element is the function app.use of the file api/src/app.js of the component API. The manipulation of the argument X-Ingress-Path results in cross site scripting. The attack can be executed remotely. Upgrading to...

5.3CVSS5.7AI score0.00321EPSS
Exploits0References5
CVE
CVE
added 2025/10/07 9:2 a.m.12 views

CVE-2025-11360

CVE-2025-11360 affects jakowenko double-take up to 1.13.1, specifically the API component (api/src/app.js). The vulnerability arises from manipulating the X-Ingress-Path in app.use, enabling cross-site scripting that can be exploited remotely. A fix is available in version 1.13.2; the patch is id...

5.3CVSS4.2AI score0.00321EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/10/07 9:2 a.m.11 views

CVE-2025-11360 jakowenko double-take API app.js app.use cross site scripting

A vulnerability was detected in jakowenko double-take up to 1.13.1. The impacted element is the function app.use of the file api/src/app.js of the component API. The manipulation of the argument X-Ingress-Path results in cross site scripting. The attack can be executed remotely. Upgrading to...

5.3CVSS0.00321EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/10/07 12:0 a.m.4 views

PT-2025-40975

Name of the Vulnerable Software and Affected Versions jakowenko double-take versions up to 1.13.1 Description A flaw exists in the API component of jakowenko double-take. The issue is related to the app.use function within the api/src/app.js file. Manipulation of the X-Ingress-Path argument can...

5.3CVSS4AI score0.00321EPSS
Exploits0References9
Rows per page
Query Builder