Lucene search

17 matches found

OSV
added 2026/05/19 9:50 p.m. | 3 views

MAL-2026-4767 Malicious code in silly-logger (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2eecfbfdbeccf66833713755c8dffe5f7732119e5d82022a847c508dfef619b0 The package advertises itself as a general-purpose logger, but every call to its debug/info/warn/error/critical methods unconditionally POSTs the...

5.8 AI score
Exploits: 0 | References: 1
AstraLinux
added 2026/05/03 11:59 p.m. | 3 views

Astra Linux - vulnerability in liblouis

Buffer Overflow vulnerability found in Liblouis v.3.24.0 allows a remote attacker to cause a denial of service via the loulogFile function at logginc.c endpoint...

7.5 CVSS | 5.5 AI score | 0.0033 EPSS
Exploits: 1 | References: 2
Cvelist
added 2026/03/21 3:26 a.m. | 25 views

CVE-2025-13910 WP-WebAuthn <= 1.3.4 - Unauthenticated Stored Cross-Site Scripting

The WP-WebAuthn plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting via the wwaauth AJAX endpoint in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping on user supplied attributes logged by the plugin. This makes it...

6.1 CVSS | 0.00118 EPSS
Exploits: 0 | References: 4
EUVD
added 2026/03/04 9:31 a.m. | 0 views

EUVD-2026-9367

A Reflected Cross-Site Scripting (XSS) vulnerability in the /IDC_Logging/index.cgi endpoint of International Datacasting Corporation IDC SFX Series SuperFlex SatelliteReceiver Web Management Interface version 101 allows a remote attacker to execute arbitrary web scripts or HTML. The vulnerability is...

5.1 CVSS | 6.2 AI score | 0.00066 EPSS
Exploits: 1 | References: 2
CVE
added 2026/03/04 7:12 a.m. | 7 views

CVE-2026-28772

CVE-2026-28772 describes a Reflected XSS in the IDC SFX Series SuperFlex SatelliteReceiver Web Management Interface (version 101) affecting the /IDC_Logging/index.cgi endpoint. The vulnerability arises when the submitType parameter is reflected into the DOM without proper escaping, allowing an at...

6.1 CVSS | 6.2 AI score | 0.00066 EPSS
Exploits: 1 | References: 1 | Affected Software: 1
SUSE CVE
added 2026/01/17 12:51 a.m. | 3 views

SUSE CVE-2017-18896

An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5. It allows attackers to add DEBUG lines to the logs via a REST API version 3 logging endpoint...

5.3 CVSS | 6.9 AI score | 0.00195 EPSS
Exploits: 0 | References: 2
OSV
added 2026/01/13 4:42 p.m. | 2 views

GO-2026-4299 Mattermost Server allows attackers to log sensitive information via DEBUG REST API logging endpoint in github.com/mattermost/mattermost-server

Mattermost Server allows attackers to log sensitive information via DEBUG REST API logging endpoint in github.com/mattermost/mattermost-server...

5.3 CVSS | 6.5 AI score | 0.00195 EPSS
Exploits: 0 | References: 7
Veracode
added 2023/05/09 2:22 a.m. | 16 views

Cross-site Scripting (XSS)

opentsdb is vulnerable to Cross-site Scripting (XSS). The vulnerability exists due to the insufficient validation of parameters reflected in error messages in the internalError and badRequest functions of HttpQuery.java, which allows an attacker to inject and execute malicious JavaScript through th...

8.2 CVSS | 6 AI score | 0.00574 EPSS
Exploits: 0 | References: 6 | Affected Software: 1
Github Security Blog
added 2023/05/03 9:30 p.m. | 22 views

Cross Site Scripting in OpenTSDB

Due to insufficient validation of parameters reflected in error messages by the legacy HTTP query API and the logging endpoint, it is possible to inject and execute malicious JavaScript within the browser of a targeted OpenTSDB user. This issue shares the same root cause as CVE-2018-13003, a...

8.2 CVSS | 5.9 AI score | 0.00574 EPSS
Exploits: 0 | References: 4 | Affected Software: 1
NVD
added 2023/05/03 7:15 p.m. | 9 views

CVE-2023-25827

Due to insufficient validation of parameters reflected in error messages by the legacy HTTP query API and the logging endpoint, it is possible to inject and execute malicious JavaScript within the browser of a targeted OpenTSDB user. This issue shares the same root cause as CVE-2018-13003, a...

8.2 CVSS | 6.8 AI score | 0.00574 EPSS
Exploits: 0 | References: 2
Prion
added 2023/05/03 7:15 p.m. | 12 views

Cross site scripting

Due to insufficient validation of parameters reflected in error messages by the legacy HTTP query API and the logging endpoint, it is possible to inject and execute malicious JavaScript within the browser of a targeted OpenTSDB user. This issue shares the same root cause as CVE-2018-13003, a...

5.8 CVSS | 6 AI score | 0.00574 EPSS
Exploits: 0 | References: 2 | Affected Software: 1
Vulnrichment
added 2023/05/03 6:36 p.m. | 5 views

CVE-2023-25827 Cross-site Scripting in OpenTSDB

Due to insufficient validation of parameters reflected in error messages by the legacy HTTP query API and the logging endpoint, it is possible to inject and execute malicious JavaScript within the browser of a targeted OpenTSDB user. This issue shares the same root cause as CVE-2018-13003, a...

8.2 CVSS | 7.9 AI score | 0.00574 EPSS
Exploits: 0 | References: 2
CNNVD
added 2023/05/03 12:00 a.m. | 2 views

OpenTSDB cross-site scripting vulnerability

OpenTSDB is a suite of open source, scalable distributed time series databases. A security vulnerability exists in OpenTSDB versions 1.0.0 through 2.4.1, which stems from an insufficient validation of parameters reflected in error messages by a logging endpoint, and could potentially inject and...

8.2 CVSS | 6.9 AI score | 0.00574 EPSS
Exploits: 0 | References: 3
Github Security Blog
added 2022/05/24 5:21 p.m. | 4 views

Mattermost Server allows attackers to log sensitive information via DEBUG REST API logging endpoint

An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5. It allows attackers to add DEBUG lines to the logs via a REST API version 3 logging endpoint...

5.3 CVSS | 6.9 AI score | 0.00195 EPSS
Exploits: 0 | References: 6 | Affected Software: 1
OSV
added 2022/05/24 5:21 p.m. | 1 views

GHSA-63WG-QMRV-7Q66 Mattermost Server allows attackers to log sensitive information via DEBUG REST API logging endpoint

An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5. It allows attackers to add DEBUG lines to the logs via a REST API version 3 logging endpoint...

5.3 CVSS | 6.8 AI score | 0.00195 EPSS
Exploits: 0 | References: 6
CNVD
added 2020/06/22 12:00 a.m. | 1 views

Unspecified Vulnerability in Mattermost Server (CNVD-2020-52022)

Mattermost Server is an open source messaging platform from the United States company Mattermost. A security vulnerability exists in Mattermost Server versions prior to 4.2.0, 4.1.1 and 4.0.5. An attacker can exploit the vulnerability by adding a DEBUG line to the log with the help of the loggin...

5.3 CVSS | 6.7 AI score | 0.00195 EPSS
Exploits: 0 | References: 1
Prion
added 2020/06/19 7:15 p.m. | 11 views

Design/Logic Flaw

An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5. It allows attackers to add DEBUG lines to the logs via a REST API version 3 logging endpoint...

5 CVSS | 5.2 AI score | 0.00195 EPSS
Exploits: 0 | References: 1 | Affected Software: 1