Lucene search
K

5 matches found

Cvelist
Cvelist
added 2025/12/23 7:35 p.m.27 views

CVE-2021-47737 CSZ CMS 1.2.7 HTML Injection Vulnerability via Member Dashboard

CSZ CMS 1.2.7 contains an HTML injection vulnerability that allows authenticated users to insert malicious hyperlinks in message titles. Attackers can craft POST requests to the member messaging system with HTML-based links to potentially conduct phishing or social engineering attacks...

5.4CVSS0.00244EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/12/23 7:35 p.m.3 views

CVE-2021-47737 CSZ CMS 1.2.7 HTML Injection Vulnerability via Member Dashboard

CSZ CMS 1.2.7 contains an HTML injection vulnerability that allows authenticated users to insert malicious hyperlinks in message titles. Attackers can craft POST requests to the member messaging system with HTML-based links to potentially conduct phishing or social engineering attacks...

5.4CVSS6.6AI score0.00244EPSS
Exploits1References4
OSV
OSV
added 2024/03/06 10:57 a.m.21 views

BIT-MEDIAWIKI-2023-51704

An issue was discovered in MediaWiki before 1.35.14, 1.36.x through 1.39.x before 1.39.6, and 1.40.x before 1.40.2. In includes/logging/RightsLogFormatter.php, group--member messages can result in XSS on Special:log/rights...

6.1CVSS6AI score0.00681EPSS
Exploits1References5
OSV
OSV
added 2023/12/22 2:15 a.m.1 views

DEBIAN-CVE-2023-51704

An issue was discovered in MediaWiki before 1.35.14, 1.36.x through 1.39.x before 1.39.6, and 1.40.x before 1.40.2. In includes/logging/RightsLogFormatter.php, group--member messages can result in XSS on Special:log/rights...

6.1CVSS6.1AI score0.00681EPSS
Exploits1References1
OSV
OSV
added 2023/12/22 2:15 a.m.1 views

UBUNTU-CVE-2023-51704

An issue was discovered in MediaWiki before 1.35.14, 1.36.x through 1.39.x before 1.39.6, and 1.40.x before 1.40.2. In includes/logging/RightsLogFormatter.php, group--member messages can result in XSS on Special:log/rights...

6.1CVSS5.8AI score0.00681EPSS
Exploits1References4
Rows per page
Query Builder