19 matches found
CVE-2026-26377
Cross Site Scripting vulnerability in Koha 25.11 and before allows a remote attacker to execute arbitrary code via the News function...
EUVD-2026-9824
Cross Site Scripting vulnerability in Koha 25.11 and before allows a remote attacker to execute arbitrary code via the News function...
CVE-2026-26377
Cross Site Scripting vulnerability in Koha 25.11 and before allows a remote attacker to execute arbitrary code via the News function...
CVE-2026-26377
Cross Site Scripting vulnerability in Koha 25.11 and before allows a remote attacker to execute arbitrary code via the News function...
CVE-2026-26377
Cross Site Scripting vulnerability in Koha 25.11 and before allows a remote attacker to execute arbitrary code via the News function...
PT-2026-23454
Name of the Vulnerable Software and Affected Versions Koha versions 25.11 and earlier Description A Cross Site Scripting issue exists in Koha. A remote attacker may be able to execute arbitrary code through the News function. The issue allows for the injection of malicious scripts into web pages...
CVE-2026-26377
CVE-2026-26377: Cross Site Scripting in Koha 25.11 and earlier via the News function. A remote attacker could execute arbitrary code in affected Koha versions. Affected software/component: Koha News feature (Koha 25.11 and earlier). Root cause: cross-site scripting vulnerability in the News funct...
CVE-2026-26377
Cross Site Scripting vulnerability in Koha 25.11 and before allows a remote attacker to execute arbitrary code via the News function...
CVE-2026-26377
Cross Site Scripting vulnerability in Koha 25.11 and before allows a remote attacker to execute arbitrary code via the News function...
YiiCMS Cross-Site Scripting Vulnerability
YiiCMS is an enterprise website system developed with yii2. A cross-site scripting XSS vulnerability exists in YiiCMS version 1.0. An attacker can exploit this vulnerability to execute arbitrary code via the news function...
GHSA-GQR4-CVF4-3957 YiiCMS Cross Site Scripting vulnerability
Cross Site Scripting vulnerability in YiiCMS v.1.2.0 and prior allows a remote attacker to execute arbitrary code via the news function...
YiiCMS Cross Site Scripting vulnerability
Cross Site Scripting vulnerability in YiiCMS v.1.2.0 and prior allows a remote attacker to execute arbitrary code via the news function...
CVE-2020-21246
Cross Site Scripting vulnerability in YiiCMS v.1.0 allows a remote attacker to execute arbitrary code via the news function...
CVE-2020-21246
Cross Site Scripting vulnerability in YiiCMS v.1.0 allows a remote attacker to execute arbitrary code via the news function...
Cross site scripting
Cross Site Scripting vulnerability in YiiCMS v.1.0 allows a remote attacker to execute arbitrary code via the news function...
CVE-2020-21246
YiiCMS contains a Cross-Site Scripting vulnerability in version 1.0 (and affecting 1.2.0 and prior) where a malicious user can exploit the NEWS function to execute arbitrary code. The issue is documented across multiple sources (NVD entry CVE-2020-21246, CNVD, GHSA, OSV, GitHub advisories, Red Ha...
PT-2023-11579 · Yiicms · Yiicms
Name of the Vulnerable Software and Affected Versions: YiiCMS versions 1.2.0 and prior YiiCMS version 1.0 Description: The issue allows a remote attacker to execute arbitrary code via the news function, which is affected by a Cross Site Scripting vulnerability. Recommendations: For YiiCMS version...
YiiCMS 跨站脚本漏洞
YiiCMS is an enterprise website system developed with yii2. A cross-site scripting XSS vulnerability exists in YiiCMS version 1.0. An attacker can exploit this vulnerability to execute arbitrary code via the news function...
CVE-2020-21246
Cross Site Scripting vulnerability in YiiCMS v.1.0 allows a remote attacker to execute arbitrary code via the news function...