GO-2026-4277 listmonk Vulnerable to Stored XSS Leading to Admin Account Takeover in github.com/knadh/listmonk

listmonk Vulnerable to Stored XSS Leading to Admin Account Takeover in github.com/knadh/listmonk. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from...

JVN#65660590: boastMachine vulnerable to cross-site scripting

boastMachine provided by knadh contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Stop using "boastMachine" The developer states that the product is no longer supported, therefore stop using the product. Products...

Cross-site Scripting (XSS) - Stored in knadh/listmonk

✍️ Description Hello, I found stored xss on Logs while creating new campaign works with other stuff not only campaign 🕵️‍♂️ Proof of Concept https://drive.google.com/file/d/1Y5CMQdfzzdWwcCsQ8y85GgWPOilJVOgo/view?usp=sharing sorry for bad quality Payload: asdf" 💥 Impact xss...

Cross-site Scripting (XSS) - Stored in knadh/listmonk

✍️ Description Stored xss 🕵️‍♂️ Proof of Concept Check this recorded video https://drive.google.com/file/d/1wlbisKCbYUZprOkAGzWGRQm0f-LDRD/view?usp=sharing 💥 Impact xss...