Lucene search
K

23 matches found

Cvelist
Cvelist
added 2026/06/23 4:14 p.m.31 views

CVE-2026-44960

A stored XSS can be exploited by leveraging the usernames as an attack vector. When an admin user viewed the audit log details for affected entries, any malicious JavaScript payload embedded in the username would be executed due to missing output sanitisation. Proper escaping has been added to th...

0.00339EPSS
Exploits0References1
CVE
CVE
added 2026/06/23 4:14 p.m.10 views

CVE-2026-44960

Vulnerability summary (CVE-2026-44960) : A stored XSS exists in Revive Adserver where malicious content placed in the username could be executed when an admin views audit log details, due to missing output sanitisation. The issue is triggered by usernames being displayed in the audit log details ...

5.7AI score0.00339EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/23 4:14 p.m.5 views

EUVD-2026-38503

A stored XSS can be exploited by leveraging the usernames as an attack vector. When an admin user viewed the audit log details for affected entries, any malicious JavaScript payload embedded in the username would be executed due to missing output sanitisation. Proper escaping has been added to th...

5.7AI score0.00339EPSS
Exploits0References1
Hacker One
Hacker One
added 2026/04/17 1:4 p.m.16 views

Revive Adserver: Stored XSS via malicious usernames in audit log details + Username validation bypass in XML‑RPC addUser

Vulnerability description not provided...

5.8AI score0.00339EPSS
Exploits1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-15204

Malware in sbrugna...

5.9CVSS5.9AI score0.01699EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/07/16 12:0 a.m.2 views

WordPress plugin Ultimate WP Mail 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

8.8CVSS6.6AI score0.00441EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/07/16 12:0 a.m.2 views

PT-2025-29716 · WordPress · The Ultimate Wp Mail

Name of the Vulnerable Software and Affected Versions: The Ultimate WP Mail versions 1.0.17 through 1.3.6 Description: The plugin is susceptible to privilege escalation due to insufficient authorization within the get email log details AJAX handler. The handler retrieves email log post content,...

8.8CVSS6.6AI score0.00441EPSS
Exploits0References10
OSV
OSV
added 2024/10/05 12:34 a.m.8 views

GHSA-RMCP-9FHQ-58PV Improper permissions handling in MediaWiki AbuseFilter

An issue was discovered in the AbuseFilter extension for MediaWiki before 1.39.9, 1.40.x and 1.41.x before 1.41.3, and 1.42.x before 1.42.2. An API caller can match a filter condition against AbuseFilter logs even if the caller is not authorized to view the log details for the filter...

5.3CVSS4.9AI score0.00441EPSS
Exploits1References4
OSV
OSV
added 2024/10/04 10:15 p.m.3 views

DEBIAN-CVE-2024-47913

An issue was discovered in the AbuseFilter extension for MediaWiki before 1.39.9, 1.40.x and 1.41.x before 1.41.3, and 1.42.x before 1.42.2. An API caller can match a filter condition against AbuseFilter logs even if the caller is not authorized to view the log details for the filter...

5.3CVSS5.3AI score0.00441EPSS
Exploits1References1
OSV
OSV
added 2024/10/04 10:15 p.m.2 views

UBUNTU-CVE-2024-47913

An issue was discovered in the AbuseFilter extension for MediaWiki before 1.39.9, 1.40.x and 1.41.x before 1.41.3, and 1.42.x before 1.42.2. An API caller can match a filter condition against AbuseFilter logs even if the caller is not authorized to view the log details for the filter...

5.3CVSS5.8AI score0.00441EPSS
Exploits1References4
CNNVD
CNNVD
added 2024/10/04 12:0 a.m.4 views

MediaWiki 安全漏洞

MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. The product can be used to deploy internal knowledge management and content management systems. MediaWiki suffers from a security vulnerability that stems from the fact that even though API...

5.3CVSS6.7AI score0.00441EPSS
Exploits1References3
Citrix
Citrix
added 2024/07/13 12:0 a.m.8 views

Uninstallation of the Citrix License Server Fails with Error 1722

The uninstallation of the Citrix License Server fails and the following error message is displayed: “Product: Citrix Licensing -- Error 1722. There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or...

7AI score
Exploits0
OSV
OSV
added 2024/05/14 6:31 p.m.30 views

GHSA-52GM-QMG3-R4QP Apache Airflow: XSS vulnerability in Task Instance Log/Log Details

Apache Airflow version 2.9.0 has a vulnerability that allows an authenticated attacker to inject malicious data into the task instance logs. Users are recommended to upgrade to version 2.9.1, which fixes this issue...

5.4CVSS5.2AI score0.01559EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2024/05/14 6:31 p.m.23 views

Apache Airflow: XSS vulnerability in Task Instance Log/Log Details

Apache Airflow version 2.9.0 has a vulnerability that allows an authenticated attacker to inject malicious data into the task instance logs. Users are recommended to upgrade to version 2.9.1, which fixes this issue...

5.4CVSS5.2AI score0.01559EPSS
Exploits0References7Affected Software1
Vulnrichment
Vulnrichment
added 2024/05/14 10:43 a.m.20 views

CVE-2024-32077 Apache Airflow: XSS vulnerability in Task Instance Log/Log Details

Apache Airflow version 2.9.0 has a vulnerability that allows an authenticated attacker to inject malicious data into the task instance logs. Users are recommended to upgrade to version 2.9.1, which fixes this issue...

5.2AI score0.01559EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/05/14 10:43 a.m.29 views

CVE-2024-32077 Apache Airflow: XSS vulnerability in Task Instance Log/Log Details

Apache Airflow version 2.9.0 has a vulnerability that allows an authenticated attacker to inject malicious data into the task instance logs. Users are recommended to upgrade to version 2.9.1, which fixes this issue...

6.5AI score0.01559EPSS
Exploits0References3
Citrix
Citrix
added 2022/09/22 12:0 a.m.8 views

EPA failure (Access denied)

EPA failure with the following error seen in the logs: 2022-04-13 12:24:19.079 | Tid: 03344 | ERROR | downloadEpaLib | 296 | Failed to verify downloaded EPA library 2022-04-13 12:24:19.079 | Tid: 03344 | DEBUG | nsverifyfile: called 2022-04-13 12:24:19.080 | Tid: 03344 | ERROR | nsverifyTrustedCe...

7AI score
Exploits0
Citrix
Citrix
added 2019/10/15 12:0 a.m.6 views

Errors testing new connector to CHv 8 - "Connection Error: A failure occurred connecting to Citrix Hypervisor. Error = write EPROTO 140247625111360:error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert protocol"

When i try to configure a connector for this server on Citrix Hypervisor 8, if we check "Use Secured Communications", we get the error "Failed to connect to the server at ...". If we uncheck "Use Secured Communications" and "Ignore Certificate Errors", we can configure the connector. In the file...

7.1AI score
Exploits0
CNVD
CNVD
added 2018/03/27 12:0 a.m.5 views

NetIQ Identity Manager System or Configuration Enumeration Vulnerability

NetIQ Identity Manager is a comprehensive identity and access control solution. A system or configuration enumeration vulnerability exists in NetIQ Identity Manager versions prior to 4.7. An attacker could exploit this vulnerability for system or configuration enumeration using details provided i...

5.3CVSS6.7AI score0.00792EPSS
Exploits0References1
Prion
Prion
added 2017/12/21 5:29 p.m.17 views

Design/Logic Flaw

In F5 BIG-IP APM software version 13.0.0 and 12.1.2, under rare conditions, the BIG-IP APM system appends log details when responding to client requests. Details in the log file can vary; customers running debug mode logging with BIG-IP APM are at highest risk...

4.3CVSS5.7AI score0.01699EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder