22 matches found
EUVD-2024-55004
Malicious code in bioql PyPI...
EUVD-2024-54704
Malicious code in bioql PyPI...
EUVD-2024-54697
Malicious code in bioql PyPI...
CVE-2024-56915
Netbox Community v4.1.7 and fixed in v.4.2.2 is vulnerable to Cross Site Scripting XSS via the RSS feed widget...
CVE-2024-56915
Netbox Community v4.1.7 and fixed in v.4.2.2 is vulnerable to Cross Site Scripting XSS via the RSS feed widget...
CVE-2024-56915
CVE-2024-56915 affects NetBox Community from version 4.1.7, vulnerable to Cross Site Scripting via the RSS feed widget. The issue is fixed in v4.2.2; upgrade to 4.2.2 to remediate. The available sources describe the vulnerability as an XSS in the RSS feed widget, with no public exploitation detai...
CVE-2024-56915
Netbox Community v4.1.7 and fixed in v.4.2.2 is vulnerable to Cross Site Scripting XSS via the RSS feed widget...
CVE-2024-56915
Netbox Community v4.1.7 and fixed in v.4.2.2 is vulnerable to Cross Site Scripting XSS via the RSS feed widget...
PT-2025-26975 ยท Unknown ยท Netbox Community
Name of the Vulnerable Software and Affected Versions: Netbox Community versions 4.1.7 through 4.2.1 Description: The issue is related to Cross Site Scripting XSS via the RSS feed widget. This allows for potential malicious script execution. Recommendations: For Netbox Community version 4.1.7,...
CVE-2024-56917
Netbox Community 4.1.7 is vulnerable to Cross Site Scripting XSS via the maintenance banner in maintenance mode...
CVE-2024-56916
In Netbox Community 4.1.7, once authenticated, Configuration History Addis vulnerable to cross-site scripting XSS due to the current value field rendering user supplied html. An authenticated attacker can leverage this to add malicious JavaScript to the any banner field. Once a victim edits a...
CVE-2024-56916
In Netbox Community 4.1.7, once authenticated, Configuration History Addis vulnerable to cross-site scripting XSS due to the current value field rendering user supplied html. An authenticated attacker can leverage this to add malicious JavaScript to the any banner field. Once a victim edits a...
CVE-2024-56918
In Netbox Community 4.1.7, the login page is vulnerable to cross-site scripting XSS, which allows a privileged, authenticated attacker to exfiltrate user input from the login form...
CVE-2024-56918
In Netbox Community 4.1.7, the login page is vulnerable to cross-site scripting XSS, which allows a privileged, authenticated attacker to exfiltrate user input from the login form...
CVE-2024-56918
In Netbox Community 4.1.7, the login page is vulnerable to cross-site scripting XSS, which allows a privileged, authenticated attacker to exfiltrate user input from the login form...
CVE-2024-56918
CVE-2024-56918 affects Netbox Community 4.1.7, with a login-page cross-site scripting (XSS) vulnerability that can exfiltrate privileged, authenticated user input from the login form. The documents do not provide concrete exploit details or a confirmed patch version. Some entries reference mitiga...
CVE-2024-56916
CVE-2024-56916 (NetBox Community 4.1.7) is a cross-site scripting (XSS) vulnerability in the Configuration History > Add feature, caused by the current value field rendering user-supplied HTML. An authenticated attacker can inject malicious JavaScript into the banner field, and the payload tri...
CVE-2024-56918
In Netbox Community 4.1.7, the login page is vulnerable to cross-site scripting XSS, which allows a privileged, authenticated attacker to exfiltrate user input from the login form...
CVE-2024-56916
In Netbox Community 4.1.7, once authenticated, Configuration History Addis vulnerable to cross-site scripting XSS due to the current value field rendering user supplied html. An authenticated attacker can leverage this to add malicious JavaScript to the any banner field. Once a victim edits a...
CVE-2024-56917
Netbox Community 4.1.7 is vulnerable to Cross Site Scripting XSS via the maintenance banner in maintenance mode...