EUVD-2025-18380

Malicious code in bioql PyPI...

CVE-2025-40726

Reflected Cross-Site Scripting XSS vulnerability in /pages/search-results-page in Nosto, which allows remote attackers to execute arbitrary code via the q GET request parameter...

CVE-2025-40726

Reflected Cross-Site Scripting XSS vulnerability in /pages/search-results-page in Nosto, which allows remote attackers to execute arbitrary code via the q GET request parameter...

CVE-2025-40726 Cross-Site Scripting (XSS) reflected in Nosto

Reflected Cross-Site Scripting XSS vulnerability in /pages/search-results-page in Nosto, which allows remote attackers to execute arbitrary code via the q GET request parameter...

CVE-2025-40726

CVE-2025-40726 is a reflected XSS vulnerability in Nosto exposed on the /pages/search-results-page endpoint. The issue allows an attacker to trigger arbitrary code execution via the q GET parameter. The CVSS base score is 5.1 (Medium); attack vector is network, with low attack complexity, no priv...

PT-2025-25532 · Nosto · Nosto

Name of the Vulnerable Software and Affected Versions: Nosto affected versions not specified Description: A Reflected Cross-Site Scripting XSS issue exists in the /pages/search-results-page endpoint of Nosto. This allows remote attackers to execute arbitrary code via the q GET request parameter...