CVE-2026-28355 "PWA" Canarytoken Vulnerable to Stored Self Cross-Site Scripting

Canarytokens help track activity and actions on a network. Versions prior to sha-7ff0e12 have a Self Cross-Site Scripting vulnerability in the "PWA" Canarytoken, whereby the Canarytoken's creator can attack themselves or someone they share the link with. The creator of a PWA Canarytoken can inser...

Linux Distros Unpatched Vulnerability : CVE-2020-25631

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in Moodle 3.9 to 3.9.1, 3.8 to 3.8.4 and 3.7 to 3.7.7 where it was possible to include JavaScript in a book's chapter title, which was...

PT-2019-14552 · Limesurvey · Limesurvey

Name of the Vulnerable Software and Affected Versions: LimeSurvey versions prior to 3.17.14 Description: The issue allows for stored XSS, enabling an attacker to escalate privileges from a low-privileged account to a higher-privileged one, such as SuperAdmin. This is achieved by creating a survey...