CVE-2026-11994

CVE-2026-11994 concerns Akaunting 3.1.21, reporting an authenticated stored XSS in the report description rendering . A user with permission to create or update reports can store arbitrary HTML/JavaScript in the description field of a report, potentially affecting other users interacting with the...

Delinea PAM Secret Server 安全漏洞

Delinea PAM Secret Server is a key service manager from Delinea. An Access Control Error vulnerability exists in Delinea PAM Secret Server version 11.4, which can be exploited by an attacker to view system reports and modify customized reports via the Reports feature in the Web UI when Unrestrict...

PT-2024-21069 · Delinea · Delinea Pam Secret Server

Name of the Vulnerable Software and Affected Versions: Delinea PAM Secret Server version 11.4 Description: The issue allows unprivileged users to view system reports and modify custom reports via the Report functionality in the Web UI when Unlimited Admin Mode is enabled. Recommendations: For...

CVE-2016-0342

IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote authenticated users to read or modify arbitrary reports by leveraging an incorrect grant of access. IBM X-Force ID: 111783...

CVE-2017-6338

Multiple Access Control issues in Trend Micro InterScan Web Security Virtual Appliance IWSVA 6.5 before CP 1746 allow an authenticated, remote user with low privileges like 'Reports Only' or 'Auditor' to change FTP Access Control Settings, create or modify reports, or upload an HTTPS Decryption...