Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/04/10 7:22 p.m.4 views

CVE-2026-39985

LORIS Longitudinal Online Research and Imaging System is a self-hosted web application that provides data- and project-management for neuroimaging research. Prior to 27.0.3 and 28.0.1, the redirect parameter upon login to LORIS was not validating the value of the redirect as being within LORIS,...

6.1CVSS5.9AI score0.00204EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/08 6:24 p.m.3 views

EUVD-2026-20574

LORIS Longitudinal Online Research and Imaging System is a self-hosted web application that provides data- and project-management for neuroimaging research. From to before 27.0.3 and 28.0.1, the helpeditor module of LORIS did not properly sanitize some user supplied variables which could result i...

8.7CVSS5.9AI score0.00157EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.10 views

PT-2026-31429

LORIS Longitudinal Online Research and Imaging System is a self-hosted web application that provides data- and project-management for neuroimaging research. From 15.10 to before 27.0.3 and 28.0.1, there is a potential for a cross-site scripting attack in the survey accounts module if a user...

6.5CVSS5.8AI score0.0017EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.7 views

PT-2026-31426

Name of the Vulnerable Software and Affected Versions LORIS versions 21.0.0 through 27.0.2 and 28.0.0 Description LORIS is a self-hosted web application for neuroimaging research data and project management. A flaw exists where the backend endpoint did not properly verify file access permissions...

6.3CVSS5.9AI score0.00165EPSS
Exploits0References4
Rows per page
Query Builder