Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2025/06/25 8:56 p.m.5 views

CVE-2025-52558

changedetection.io is a free open source web page change detection, website watcher, restock monitor and notification service. Prior to version 0.50.4, errors in filters from website page change detection watches were not being filtered resulting in a cross-site scripting XSS vulnerability. This...

7CVSS5.5AI score0.00521EPSS
Exploits0References1
OSV
OSV
added 2025/06/23 8:52 p.m.6 views

CVE-2025-52558 ChangeDetection.io XSS in watch overview

changedetection.io is a free open source web page change detection, website watcher, restock monitor and notification service. Prior to version 0.50.4, errors in filters from website page change detection watches were not being filtered resulting in a cross-site scripting XSS vulnerability. This...

7CVSS5.8AI score0.00521EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/02/05 9:17 a.m.22 views

CVE-2024-56509

changedetection.io is a free open source web page change detection, website watcher, restock monitor and notification service. Improper input validation in the application can allow attackers to perform local file read LFR or path traversal attacks. These vulnerabilities occur when user input is...

8.6CVSS6.6AI score0.00691EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 3:14 a.m.8 views

CVE-2024-51998

changedetection.io is a free open source web page change detection tool. The validation for the file URI scheme falls short, and results in an attacker being able to read any file on the system. This issue only affects instances with a webdriver enabled, and ALLOWFILEURI false or not defined. The...

8.6CVSS6.6AI score0.00697EPSS
Exploits0References1
NVD
NVD
added 2024/11/08 12:15 a.m.16 views

CVE-2024-51998

changedetection.io is a free open source web page change detection tool. The validation for the file URI scheme falls short, and results in an attacker being able to read any file on the system. This issue only affects instances with a webdriver enabled, and ALLOWFILEURI false or not defined. The...

8.6CVSS0.00697EPSS
Exploits0References3
NVD
NVD
added 2024/05/02 2:15 p.m.32 views

CVE-2024-34061

changedetection.io is a free open source web page change detection, website watcher, restock monitor and notification service. In affected versions Input in parameter notificationurls is not processed resulting in javascript execution in the application. A reflected XSS vulnerability happens when...

4.3CVSS4.5AI score0.01281EPSS
Exploits0References2
OSV
OSV
added 2024/05/02 1:58 p.m.27 views

CVE-2024-34061 Reflected cross site scripting in changedetection.io

changedetection.io is a free open source web page change detection, website watcher, restock monitor and notification service. In affected versions Input in parameter notificationurls is not processed resulting in javascript execution in the application. A reflected XSS vulnerability happens when...

4.3CVSS4.7AI score0.01281EPSS
Exploits0References4
CVE
CVE
added 2024/05/02 1:58 p.m.81 views

CVE-2024-34061

CVE-2024-34061 – Changedetection.io is affected in versions prior to 0.45.22. A reflected Cross‑Site Scripting (XSS) vulnerability arises because input in the notification_urls parameter is not properly sanitized and is reflected on the page, enabling injection of malicious JavaScript. The CVSS v...

4.3CVSS5.9AI score0.01281EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/02 1:58 p.m.40 views

CVE-2024-34061 Reflected cross site scripting in changedetection.io

changedetection.io is a free open source web page change detection, website watcher, restock monitor and notification service. In affected versions Input in parameter notificationurls is not processed resulting in javascript execution in the application. A reflected XSS vulnerability happens when...

4.3CVSS4.7AI score0.01281EPSS
Exploits0References2
Rows per page
Query Builder