18 matches found
CVE-2026-23880
OnboardLite is a comprehensive membership lifecycle platform built for student organizations at the University of Central Florida. Versions of the software prior to commit 1d32081a66f21bcf41df1ecb672490b13f6e429f have a stored cross-site scripting vulnerability that can be rendered to an admin wh...
CVE-2026-23880
OnboardLite is a comprehensive membership lifecycle platform built for student organizations at the University of Central Florida. Versions of the software prior to commit 1d32081a66f21bcf41df1ecb672490b13f6e429f have a stored cross-site scripting vulnerability that can be rendered to an admin wh...
CVE-2026-23880
OnboardLite (University of Central Florida) is affected by CVE-2026-23880 due to a stored XSS in versions prior to commit 1d32081a66f21bcf41df1ecb672490b13f6e429f, which could be rendered to admins during Discord account migration in the dashboard. The issue is mitigated by the patch in commit 1d...
CVE-2026-23880 OnboardLite has stored Cross-site Scripting issue that may lead to admin Account Take Over
OnboardLite is a comprehensive membership lifecycle platform built for student organizations at the University of Central Florida. Versions of the software prior to commit 1d32081a66f21bcf41df1ecb672490b13f6e429f have a stored cross-site scripting vulnerability that can be rendered to an admin wh...
CVE-2026-23880 OnboardLite has stored Cross-site Scripting issue that may lead to admin Account Take Over
OnboardLite is a comprehensive membership lifecycle platform built for student organizations at the University of Central Florida. Versions of the software prior to commit 1d32081a66f21bcf41df1ecb672490b13f6e429f have a stored cross-site scripting vulnerability that can be rendered to an admin wh...
CVE-2026-23880 OnboardLite has stored Cross-site Scripting issue that may lead to admin Account Take Over
OnboardLite is a comprehensive membership lifecycle platform built for student organizations at the University of Central Florida. Versions of the software prior to commit 1d32081a66f21bcf41df1ecb672490b13f6e429f have a stored cross-site scripting vulnerability that can be rendered to an admin wh...
EUVD-2026-3283
OnboardLite is a comprehensive membership lifecycle platform built for student organizations at the University of Central Florida. Versions of the software prior to commit 1d32081a66f21bcf41df1ecb672490b13f6e429f have a stored cross-site scripting vulnerability that can be rendered to an admin wh...
OnboardLite security vulnerabilities
OnboardLite is an open-source application developed by Hack@UCF. OnboardLite has a security vulnerability, which stems from a stored-xss vulnerability. This vulnerability could allow administrators to render the user’s Discord account when they attempt to migrate it in the dashboard...
PT-2026-3506
OnboardLite is a comprehensive membership lifecycle platform built for student organizations at the University of Central Florida. Versions of the software prior to commit 1d32081a66f21bcf41df1ecb672490b13f6e429f have a stored cross-site scripting vulnerability that can be rendered to an admin wh...
EUVD-2025-25339
Malicious code in bioql PyPI...
CVE-2025-55751
OnboardLite is the result of the Influx Initiative, our vision for an improved student organization lifecycle at the University of Central Florida. An attacker can craft a link to the trusted application that, when visited, redirects the user to a malicious external site. This enables phishing,...
CVE-2025-55751
OnboardLite is the result of the Influx Initiative, our vision for an improved student organization lifecycle at the University of Central Florida. An attacker can craft a link to the trusted application that, when visited, redirects the user to a malicious external site. This enables phishing,...
CVE-2025-55751
CVE-2025-55751 : OnboardLite contains an open redirect endpoint where an attacker can craft a link to the trusted application that, when visited, redirects users to a malicious external site. This enables phishing, credential theft, malware delivery, and trust abuse. The described root cause is i...
CVE-2025-55751 OnboardLite Open Redirect Endpoint
OnboardLite is the result of the Influx Initiative, our vision for an improved student organization lifecycle at the University of Central Florida. An attacker can craft a link to the trusted application that, when visited, redirects the user to a malicious external site. This enables phishing,...
CVE-2025-55751 OnboardLite Open Redirect Endpoint
OnboardLite is the result of the Influx Initiative, our vision for an improved student organization lifecycle at the University of Central Florida. An attacker can craft a link to the trusted application that, when visited, redirects the user to a malicious external site. This enables phishing,...
CVE-2025-55751 OnboardLite Open Redirect Endpoint
OnboardLite is the result of the Influx Initiative, our vision for an improved student organization lifecycle at the University of Central Florida. An attacker can craft a link to the trusted application that, when visited, redirects the user to a malicious external site. This enables phishing,...
PT-2025-34076 · Unknown · Onboardlite
Name of the Vulnerable Software and Affected Versions: OnboardLite versions with commit hash 6cca19e or later Description: An attacker can manipulate a link to the trusted application, redirecting users to a malicious external site upon access. This enables phishing, credential theft, malware...
OnboardLite 输入验证错误漏洞
OnboardLite is an open source application from Hack@UCF. A security vulnerability exists in OnboardLite that stems from a specially crafted link that could result in a redirection to a malicious external site...