18 matches found

RedhatCVE
added 2026/01/09 8:44 a.m. · 6 views

CVE-2022-23602

Nimforum is a lightweight alternative to Discourse written in Nim. In versions prior to 2.2.0 any forum user can create a new thread/post with an include referencing a file local to the host operating system. Nimforum will render the file if able. This can also be done silently by using NimForum'...

8.1 CVSS · 6.5 AI score · 0.00386 EPSS
Exploits: 1 · References: 1

EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2022-28572

Malicious code in bioql PyPI...

8.1 CVSS · 8 AI score · 0.00386 EPSS
Exploits: 1 · References: 2

EUVD
added 2025/10/03 8:7 p.m. · 4 views

EUVD-2021-33525

Malicious code in bioql PyPI...

6.1 CVSS · 6.2 AI score · 0.00669 EPSS
Exploits: 0 · References: 6

SUSE CVE
added 2023/02/15 3:35 a.m. · 4 views

SUSE CVE-2021-46872

An issue was discovered in Nim before 1.6.2. The RST module of the Nim language stdlib, as used in NimForum and other products, permits the javascript: URI scheme and thus can lead to XSS in some applications. Nim versions 1.6.2 and later are fixed; there may be backports of the fix to some earli...

6.1 CVSS · 5.8 AI score · 0.00669 EPSS
Exploits: 0 · References: 3

NVD
added 2023/01/13 6:15 a.m. · 9 views

CVE-2021-46872

An issue was discovered in Nim before 1.6.2. The RST module of the Nim language stdlib, as used in NimForum and other products, permits the javascript: URI scheme and thus can lead to XSS in some applications. Nim versions 1.6.2 and later are fixed; there may be backports of the fix to some earli...

6.1 CVSS · 6 AI score · 0.00669 EPSS
Exploits: 0 · References: 5

OSV
added 2023/01/13 6:15 a.m. · 3 views

DEBIAN-CVE-2021-46872

An issue was discovered in Nim before 1.6.2. The RST module of the Nim language stdlib, as used in NimForum and other products, permits the javascript: URI scheme and thus can lead to XSS in some applications. Nim versions 1.6.2 and later are fixed; there may be backports of the fix to some earli...

6.1 CVSS · 6 AI score · 0.00669 EPSS
Exploits: 0 · References: 1

OSV
added 2023/01/13 6:15 a.m. · 12 views

CVE-2021-46872

An issue was discovered in Nim before 1.6.2. The RST module of the Nim language stdlib, as used in NimForum and other products, permits the javascript: URI scheme and thus can lead to XSS in some applications. Nim versions 1.6.2 and later are fixed; there may be backports of the fix to some earli...

6.1 CVSS · 6 AI score
Exploits: 0 · References: 5

OSV
added 2023/01/13 6:15 a.m. · 1 view

UBUNTU-CVE-2021-46872

An issue was discovered in Nim before 1.6.2. The RST module of the Nim language stdlib, as used in NimForum and other products, permits the javascript: URI scheme and thus can lead to XSS in some applications. Nim versions 1.6.2 and later are fixed; there may be backports of the fix to some earli...

6.1 CVSS · 5.7 AI score · 0.00669 EPSS
Exploits: 0 · References: 7

CVE
added 2023/01/13 12:0 a.m. · 38 views

CVE-2021-46872

The CVE describes an issue in Nim before 1.6.2 where the RST module of the Nim stdlib (used by NimForum and other products) permits the javascript: URI scheme, enabling potential XSS in affected applications. The fixed version is Nim 1.6.2 and later; NimForum 2.2.0 is explicitly fixed. Some backp...

6.1 CVSS · 5.9 AI score · 0.00669 EPSS
Exploits: 0 · References: 5 · Affected Software: 2

UbuntuCve
added 2023/01/13 12:0 a.m. · 15 views

CVE-2021-46872

An issue was discovered in Nim before 1.6.2. The RST module of the Nim language stdlib, as used in NimForum and other products, permits the javascript: URI scheme and thus can lead to XSS in some applications. Nim versions 1.6.2 and later are fixed; there may be backports of the fix to some earli...

6.1 CVSS · 6.3 AI score · 0.00669 EPSS
Exploits: 0 · References: 6

NVD
added 2022/02/01 11:15 a.m. · 7 views

CVE-2022-23602

Nimforum is a lightweight alternative to Discourse written in Nim. In versions prior to 2.2.0 any forum user can create a new thread/post with an include referencing a file local to the host operating system. Nimforum will render the file if able. This can also be done silently by using NimForum'...

8.1 CVSS · 0.00386 EPSS
Exploits: 1 · References: 2

Prion
added 2022/02/01 11:15 a.m. · 14 views

Code injection

Nimforum is a lightweight alternative to Discourse written in Nim. In versions prior to 2.2.0 any forum user can create a new thread/post with an include referencing a file local to the host operating system. Nimforum will render the file if able. This can also be done silently by using NimForum'...

5.5 CVSS · 7.8 AI score · 0.00386 EPSS
Exploits: 1 · References: 2 · Affected Software: 2

OSV
added 2022/02/01 10:56 a.m. · 12 views

CVE-2022-23602 Nim's rst parser sandboxed mode allows include which can embed any local file

Nimforum is a lightweight alternative to Discourse written in Nim. In versions prior to 2.2.0 any forum user can create a new thread/post with an include referencing a file local to the host operating system. Nimforum will render the file if able. This can also be done silently by using NimForum'...

7.7 CVSS · 7.7 AI score · 0.00386 EPSS
Exploits: 1 · References: 4

Cvelist
added 2022/02/01 10:56 a.m. · 18 views

CVE-2022-23602 Nim's rst parser sandboxed mode allows include which can embed any local file

Nimforum is a lightweight alternative to Discourse written in Nim. In versions prior to 2.2.0 any forum user can create a new thread/post with an include referencing a file local to the host operating system. Nimforum will render the file if able. This can also be done silently by using NimForum'...

7.7 CVSS · 8.1 AI score · 0.00386 EPSS
Exploits: 1 · References: 2

CVE
added 2022/02/01 10:56 a.m. · 140 views

CVE-2022-23602

CVE-2022-23602 affects Nimforum prior to 2.2.0. A user can create a thread/post with an include pointing to a local file, causing Nimforum to render the file; this can also be triggered via the post preview endpoint. Consequences include exposure of sensitive data such as forum.json secrets. Vers...

8.1 CVSS · 7.7 AI score · 0.00386 EPSS
Exploits: 1 · References: 2 · Affected Software: 2

Vulnrichment
added 2022/02/01 10:56 a.m. · 4 views

CVE-2022-23602 Nim's rst parser sandboxed mode allows include which can embed any local file

Nimforum is a lightweight alternative to Discourse written in Nim. In versions prior to 2.2.0 any forum user can create a new thread/post with an include referencing a file local to the host operating system. Nimforum will render the file if able. This can also be done silently by using NimForum'...

7.7 CVSS · 7.9 AI score · 0.00386 EPSS
Exploits: 1 · References: 2

CNNVD
added 2022/02/01 12:0 a.m. · 3 views

Nimforum path traversal vulnerability

Nimforum is a lightweight forum implementation that shares many similarities with Discourse. It is implemented in the Nim programming language and uses SQLite as its database. Nimforum suffers from a path traversal vulnerability, which arises from the fact that any forum user can create a post...

8.1 CVSS · 7.8 AI score · 0.00386 EPSS
Exploits: 1 · References: 3

Positive Technologies
added 2022/02/01 12:0 a.m. · 3 views

PT-2022-16117 · Nimforum · Nimforum

Name of the Vulnerable Software and Affected Versions: Nimforum versions prior to 2.2.0
Description: The issue allows any forum user to create a new thread or post that includes a reference to a local file on the host operating system. Nimforum will render the file if possible. This can be done...

8.1 CVSS · 7.9 AI score · 0.00386 EPSS
Exploits: 1 · References: 8