Lucene search
+L

175 matches found

EUVD
EUVD
added 2026/04/07 8:17 p.m.5 views

EUVD-2026-19724

Emissary has Stored XSS via Navigation Template Link Injection...

4.8CVSS5.9AI score0.00176EPSS
Exploits1References4
OSV
OSV
added 2026/04/07 8:17 p.m.4 views

GHSA-CPM7-CFPX-3HVP Emissary has Stored XSS via Navigation Template Link Injection

Summary Mustache navigation templates interpolated configuration-controlled link values directly into href attributes without URL scheme validation. An administrator who could modify the navItems configuration could inject javascript: URIs, enabling stored cross-site scripting XSS against other...

4.8CVSS5.8AI score0.00176EPSS
Exploits1References5
NVD
NVD
added 2026/04/07 4:16 p.m.7 views

CVE-2026-35571

Emissary is a P2P based data-driven workflow engine. Prior to 8.39.0, Mustache navigation templates interpolated configuration-controlled link values directly into href attributes without URL scheme validation. An administrator who could modify the navItems configuration could inject javascript:...

4.8CVSS0.00176EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/04/07 12:0 a.m.6 views

PT-2026-30890

Emissary is a P2P based data-driven workflow engine. Prior to 8.39.0, Mustache navigation templates interpolated configuration-controlled link values directly into href attributes without URL scheme validation. An administrator who could modify the navItems configuration could inject javascript:...

4.8CVSS5.8AI score0.00176EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/04/07 12:0 a.m.24 views

Emissary 跨站脚本漏洞

Emissary is a distributed P2P data-driven workflow framework developed by the National Security Agency. Versions of Emissary prior to 8.39.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from the Mustache navigation template directly inserting configured link values...

4.8CVSS5.7AI score0.00176EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/03/26 3:2 p.m.6 views

CVE-2026-32117

The grafanacubism-panel plugin allows use of cubism.js in Grafana. In 0.1.2 and earlier, the panel's zoom-link handler passes a dashboard-editor-supplied URL directly to window.location.assign / window.open with no scheme validation. An attacker with dashboard Editor privileges can set the link t...

7.6CVSS5.8AI score0.00265EPSS
Exploits0References1
OSV
OSV
added 2026/03/23 4:24 p.m.9 views

CVE-2026-33500 AVideo Vulnerable to Stored XSS via Markdown `javascript:` URI Bypasses ParsedownSafeWithLinks Sanitization

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the fix for CVE-2026-27568 GHSA-rcqw-6466-3mv7 introduced a custom ParsedownSafeWithLinks class that sanitizes raw HTML and tags in comments, but explicitly disables Parsedown's safeMode. This creates a bypass:...

5.4CVSS5.8AI score0.00218EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/03/23 4:24 p.m.25 views

CVE-2026-33500 AVideo Vulnerable to Stored XSS via Markdown `javascript:` URI Bypasses ParsedownSafeWithLinks Sanitization

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the fix for CVE-2026-27568 GHSA-rcqw-6466-3mv7 introduced a custom ParsedownSafeWithLinks class that sanitizes raw HTML and tags in comments, but explicitly disables Parsedown's safeMode. This creates a bypass:...

5.4CVSS0.00218EPSS
Exploits1References2
EUVD
EUVD
added 2026/03/19 9:30 a.m.4 views

EUVD-2026-13072

The Info Cards – Add Text and Media in Card Layouts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'btnUrl' parameter within the Info Cards block in all versions up to, and including, 2.0.7. This is due to insufficient input validation on URL schemes, specifically the...

6.4CVSS6AI score0.00222EPSS
Exploits0References9
NVD
NVD
added 2026/03/19 7:16 a.m.8 views

CVE-2026-4120

The Info Cards – Add Text and Media in Card Layouts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'btnUrl' parameter within the Info Cards block in all versions up to, and including, 2.0.7. This is due to insufficient input validation on URL schemes, specifically the...

6.4CVSS0.00222EPSS
Exploits0References8
Hacker One
Hacker One
added 2026/03/12 10:55 p.m.19 views

Ruby on Rails: Rails::HTML::Sanitizer.allowed_uri? returns true for entity-encoded control-character-split javascript: URLs

A vulnerability was discovered in the Rails::HTML::Sanitizer.alloweduri? method of the rails-html-sanitizer library. The method incorrectly returned true for entity-encoded control-character-split javascript: URLs, which could lead to potential security issues if the application relied on the...

5.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/02/25 4:17 p.m.7 views

CVE-2026-27568

WWBN AVideo is an open source video platform. Prior to version 21.0, AVideo allows Markdown in video comments and uses Parsedown v1.7.4 without Safe Mode enabled. Markdown links are not sufficiently sanitized, allowing javascript: URIs to be rendered as clickable links. An authenticated...

6.1CVSS5.4AI score0.00229EPSS
Exploits0References1
NVD
NVD
added 2026/02/24 3:21 p.m.11 views

CVE-2026-27568

WWBN AVideo is an open source video platform. Prior to version 21.0, AVideo allows Markdown in video comments and uses Parsedown v1.7.4 without Safe Mode enabled. Markdown links are not sufficiently sanitized, allowing javascript: URIs to be rendered as clickable links. An authenticated...

6.1CVSS0.00229EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/24 2:53 p.m.25 views

CVE-2026-27568 AVideo has Stored Cross-Site Scripting via Markdown Comment Injection

WWBN AVideo is an open source video platform. Prior to version 21.0, AVideo allows Markdown in video comments and uses Parsedown v1.7.4 without Safe Mode enabled. Markdown links are not sufficiently sanitized, allowing javascript: URIs to be rendered as clickable links. An authenticated...

5.1CVSS0.00229EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/24 2:53 p.m.4 views

CVE-2026-27568 AVideo has Stored Cross-Site Scripting via Markdown Comment Injection

WWBN AVideo is an open source video platform. Prior to version 21.0, AVideo allows Markdown in video comments and uses Parsedown v1.7.4 without Safe Mode enabled. Markdown links are not sufficiently sanitized, allowing javascript: URIs to be rendered as clickable links. An authenticated...

5.1CVSS5.9AI score0.00229EPSS
Exploits0References3
OSV
OSV
added 2026/02/20 9:15 p.m.6 views

GHSA-RCQW-6466-3MV7 AVideo has Stored Cross-Site Scripting via Markdown Comment Injection

Vulnerability Type Stored Cross-Site Scripting XSS — CWE-79. Affected Product/Versions AVideo 18.0. Root Cause Summary AVideo allows Markdown in video comments and uses Parsedown v1.7.4 without Safe Mode enabled. Markdown links are not sufficiently sanitized, allowing javascript: URIs to be...

5.1CVSS5.6AI score0.00229EPSS
Exploits0References5
OSV
OSV
added 2026/02/18 6:59 p.m.5 views

CVE-2026-25500 Rack's Stored XSS in Rack::Directory via javascript: filenames rendered into anchor href

Rack is a modular Ruby web server interface. Prior to versions 2.2.22, 3.1.20, and 3.2.5, Rack::Directory generates an HTML directory index where each file entry is rendered as a clickable link. If a file exists on disk whose basename starts with the javascript: scheme e.g. javascript:alert1, the...

5.4CVSS5.5AI score0.00224EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/02/18 12:0 a.m.12 views

Rack 跨站脚本漏洞

Rack is a modular Ruby web server interface developed by the Rack open source project. Versions of Rack prior to 2.2.22, 3.1.20, and 3.2.5 had a cross-site scripting vulnerability. This vulnerability stemmed from the HTML directory index generated by Rack::Directory, which contained clickable...

5.4CVSS6.3AI score0.00224EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/02/15 7:10 a.m.17 views

CVE-2026-1985

The Press3D plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 3D Model Gutenberg block in all versions up to, and including, 1.0.2. This is due to the plugin failing to sanitize and validate the URL scheme when storing link URLs for 3D model blocks, allowing javascript:...

6.4CVSS5.8AI score0.00279EPSS
Exploits0References1
NVD
NVD
added 2026/02/14 7:16 a.m.6 views

CVE-2026-1985

The Press3D plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 3D Model Gutenberg block in all versions up to, and including, 1.0.2. This is due to the plugin failing to sanitize and validate the URL scheme when storing link URLs for 3D model blocks, allowing javascript:...

6.4CVSS0.00279EPSS
Exploits0References5
Rows per page
Query Builder