CVE-2026-42157 Flowsint: Stored XSS on map node marker in map page

Flowsint is an open-source OSINT graph exploration tool designed for cybersecurity investigation, transparency, and verification. Prior to 1.2.3, a remote attacker can create a map node with a malicious label that contains arbitrary HTML. When the map tab is selected and a map node marker is...

CVE-2025-40894

A Stored HTML Injection vulnerability was discovered in the Alerted Nodes Dashboard functionality due to improper validation on an input parameter. A malicious authenticated user with the required privileges could edit a node label to inject HTML tags. If the system is configured to use the Alert...

EUVD-2025-208267

A Stored HTML Injection vulnerability was discovered in the Alerted Nodes Dashboard functionality due to improper validation on an input parameter. A malicious authenticated user with the required privileges could edit a node label to inject HTML tags. If the system is configured to use the Alert...

CVE-2025-40894

A Stored HTML Injection vulnerability was discovered in the Alerted Nodes Dashboard functionality due to improper validation on an input parameter. A malicious authenticated user with the required privileges could edit a node label to inject HTML tags. If the system is configured to use the Alert...

CVE-2025-40894 HTML injection in Alerted Nodes Dashboard in Guardian/CMC before 25.6.0

A Stored HTML Injection vulnerability was discovered in the Alerted Nodes Dashboard functionality due to improper validation on an input parameter. A malicious authenticated user with the required privileges could edit a node label to inject HTML tags. If the system is configured to use the Alert...

CVE-2025-40894

CVE-2025-40894 describes a Stored HTML Injection in the Alerted Nodes Dashboard due to improper input validation. A logged-in user with required privileges can edit a node label to inject HTML, which may render in a victim’s browser if alerts exist for that node, enabling phishing and potentially...

HTML injection in Alerted Nodes Dashboard in Guardian/CMC before 25.6.0

Summary A Stored HTML Injection vulnerability was discovered in the Alerted Nodes Dashboard functionality due to improper validation on an input parameter. Impact A malicious authenticated user with the required privileges could edit a node label to inject HTML tags. If the system is configured t...

PT-2026-22914

A Stored HTML Injection vulnerability was discovered in the Alerted Nodes Dashboard functionality due to improper validation on an input parameter. A malicious authenticated user with the required privileges could edit a node label to inject HTML tags. If the system is configured to use the Alert...

CVE-2023-50231

NETGEAR ProSAFE Network Management System saveNodeLabel Cross-Site Scripting Privilege Escalation Vulnerability. This vulnerability allows remote attackers to escalate privileges on affected installations of NETGEAR ProSAFE Network Management System. Minimal user interaction is required to exploi...

PT-2023-7963 · NetGear · Netgear Prosafe Network Management System

Name of the Vulnerable Software and Affected Versions: NETGEAR ProSAFE Network Management System affected versions not specified Description: The issue is related to the saveNodeLabel method in the NETGEAR ProSAFE Network Management System, which lacks proper validation of user-supplied data. Thi...

Stored Cross-site Scripting in Jenkins Node and Label parameter Plugin

Jenkins Node and Label parameter Plugin 1.10.3 and earlier does not escape the name and description of Node and Label parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission. Exploitation of th...

Opennms Group OpenNMS 跨站脚本漏洞

Opennms Group OpenNMS is an open source, enterprise-grade network monitoring and network management platform from the U.S.-based OpenNMS Group Opennms Group. A cross-site scripting vulnerability exists in OpenNMS Horizon and OpenNMS Meridian, which stems from the fact that the function...