Lucene search
K

4 matches found

PyPA
PyPA
added 2026/02/16 11:15 a.m.8 views

PYSEC-2026-110

Emails sent by pretix can utilize placeholders that will be filled with customer data. For example, when name is used in an email template, it will be replaced with the buyer's name for the final email. This mechanism contained two security-relevant bugs: It was possible to exfiltrate information...

9CVSS5.8AI score0.00243EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/16 10:16 a.m.5 views

CVE-2026-2452 Unsafe variable evaluation in email templates

Emails sent by pretix can utilize placeholders that will be filled with customer data. For example, when name is used in an email template, it will be replaced with the buyer's name for the final email. This mechanism contained a security-relevant bug: It was possible to exfiltrate information...

9CVSS5.6AI score0.00258EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/16 10:16 a.m.26 views

CVE-2026-2452 Unsafe variable evaluation in email templates

Emails sent by pretix can utilize placeholders that will be filled with customer data. For example, when name is used in an email template, it will be replaced with the buyer's name for the final email. This mechanism contained a security-relevant bug: It was possible to exfiltrate information...

9CVSS0.00258EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/16 10:15 a.m.4 views

CVE-2026-2415 Unsafe variable evaluation in email templates

Emails sent by pretix can utilize placeholders that will be filled with customer data. For example, when name is used in an email template, it will be replaced with the buyer's name for the final email. This mechanism contained two security-relevant bugs: It was possible to exfiltrate information...

9CVSS5.5AI score0.00243EPSS
Exploits0References1
Rows per page
Query Builder