Lucene search
+L

4 matches found

ATTACKERKB
ATTACKERKB
added 2026/03/23 6:41 p.m.2 views

CVE-2026-33683

WWBN AVideo is an open source video platform. In versions up to and including 26.0, a sanitization order-of-operations flaw in the user profile "about" field allows any registered user to inject arbitrary JavaScript that executes when other users visit their channel page. The xssesc function...

5.4CVSS5.9AI score0.00176EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/23 6:41 p.m.2 views

CVE-2026-33683 AVideo vulnerable to Stored XSS via html_entity_decode() Reversing xss_esc() Sanitization in Channel About Field

WWBN AVideo is an open source video platform. In versions up to and including 26.0, a sanitization order-of-operations flaw in the user profile "about" field allows any registered user to inject arbitrary JavaScript that executes when other users visit their channel page. The xssesc function...

5.4CVSS5.9AI score0.00176EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/09/16 4:11 p.m.10 views

CVE-2023-53316 drm/msm/dp: Free resources after unregistering them

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: Free resources after unregistering them The DP component's unbind operation walks through the submodules to unregister and clean things up. But if the unbind happens because the DP controller itself is being removed,...

6.4AI score0.00149EPSS
Exploits0References6
Code423n4
Code423n4
added 2023/10/26 12:0 a.m.8 views

Incorrect Order of Operations in nukeFromOrbit Function

Lines of code Vulnerability details Impact the nukeFromOrbit function, the nonReentrant modifier is correctly applied. This means that the function cannot be reentered while it is already being executed the problem is that The blockAccountstate, accountAddress function is called before...

7AI score
Exploits0
Rows per page
Query Builder