CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

87 matches found

RedhatCVE•added 2025/10/25 5:36 a.m.•1 views

CVE-2025-61931

Pleasanter contains a stored cross-site scripting vulnerability in Body, Description and Comments, which allows an attacker to execute an arbitrary script in a logged-in user's web browser...

5.4CVSS5.4AI score0.00026EPSS

Exploits0References1

CNNVD•added 2025/10/25 12:0 a.m.•1 views

Pleasanter 跨站脚本漏洞

Pleasanter is a free OSS no-code/low-code development tool from Pleasanter, Inc. A cross-site scripting vulnerability exists in Pleasanter that stems from a stored cross-site scripting vulnerability in Body, Description, and Comments that could lead to an attacker executing arbitrary script in a...

5.4CVSS5.3AI score0.00026EPSS

Exploits0References3

CNNVD•added 2025/10/25 12:0 a.m.•1 views

Pleasanter 跨站脚本漏洞

Pleasanter is a free OSS no-code/low-code development tool from Pleasanter, Inc. A cross-site scripting vulnerability exists in Pleasanter that stems from a stored cross-site scripting vulnerability in the Attachment Preview feature, which could lead to the execution of arbitrary script in a...

6.1CVSS6.1AI score0.00026EPSS

Exploits0References3

NVD•added 2025/10/24 6:15 a.m.•1 views

CVE-2025-61931

Pleasanter contains a stored cross-site scripting vulnerability in Body, Description and Comments, which allows an attacker to execute an arbitrary script in a logged-in user's web browser...

5.4CVSS0.00026EPSS

Exploits0References2

NVD•added 2025/10/24 6:15 a.m.•1 views

CVE-2025-58070

Pleasanter contains a stored cross-site scripting vulnerability in Preview for Attachments, which allows an attacker to execute an arbitrary script in a logged-in user's web browser...

6.1CVSS0.00026EPSS

Exploits0References2

Japan Vulnerability Notes•added 2025/10/24 6:11 a.m.•4 views

Multiple stored cross-site scripting vulnerabilities in Pleasanter

Overview Pleasanter provided by Implem Inc. contains multiple stored cross-site scripting vulnerabilities listed below. Stored cross-site scripting vulnerability in Preview for Attachments CWE-79 - CVE-2025-58070 Stored cross-site scripting vulnerability in Body, Description and Comments CWE-79 -...

6.1CVSS5.8AI score0.00026EPSS

Exploits0References5

EUVD•added 2025/10/24 5:17 a.m.•1 views

EUVD-2025-35798

Pleasanter contains a stored cross-site scripting vulnerability in Body, Description and Comments, which allows an attacker to execute an arbitrary script in a logged-in user's web browser...

5.4CVSS5.3AI score0.00026EPSS

Exploits0References3

Cvelist•added 2025/10/24 5:17 a.m.•3 views

CVE-2025-61931

Pleasanter contains a stored cross-site scripting vulnerability in Body, Description and Comments, which allows an attacker to execute an arbitrary script in a logged-in user's web browser...

5.4CVSS0.00026EPSS

Exploits0References2

CVE•added 2025/10/24 5:17 a.m.•3 views

CVE-2025-61931

CVE-2025-61931 describes a stored cross-site scripting vulnerability in Pleasanter, affecting the Body, Description and Comments fields. The vulnerability allows an attacker to execute arbitrary JavaScript in a logged-in user’s browser. Multiple connected sources (including JVNDB and Red Hat/NVD ...

5.4CVSS6AI score0.00026EPSS

Exploits0References2

Vulnrichment•added 2025/10/24 5:17 a.m.•1 views

CVE-2025-61931

Pleasanter contains a stored cross-site scripting vulnerability in Body, Description and Comments, which allows an attacker to execute an arbitrary script in a logged-in user's web browser...

5.4CVSS5.4AI score0.00026EPSS

Exploits0References2

Cvelist•added 2025/10/24 5:17 a.m.•4 views

CVE-2025-58070

Pleasanter contains a stored cross-site scripting vulnerability in Preview for Attachments, which allows an attacker to execute an arbitrary script in a logged-in user's web browser...

6.1CVSS0.00026EPSS

Exploits0References2

CVE•added 2025/10/24 5:17 a.m.•4 views

CVE-2025-58070

CVE-2025-58070 affects Pleasanter: stored XSS in Preview for Attachments. Root cause is insecure handling in the attachment preview feature, enabling arbitrary script execution in a logged‑in user’s browser. Impact is user‑level (confidentiality/integrity not clearly affected beyond script execut...

6.1CVSS6AI score0.00026EPSS

Exploits0References2

Vulnrichment•added 2025/10/24 5:17 a.m.•2 views

CVE-2025-58070

Pleasanter contains a stored cross-site scripting vulnerability in Preview for Attachments, which allows an attacker to execute an arbitrary script in a logged-in user's web browser...

6.1CVSS6.1AI score0.00026EPSS

Exploits0References2

Positive Technologies•added 2025/10/24 12:0 a.m.•2 views

PT-2025-43580

Name of the Vulnerable Software and Affected Versions Pleasanter affected versions not specified Description Pleasanter contains a stored cross-site scripting issue in the Body, Description, and Comments fields. This allows an attacker to execute an arbitrary script within the web browser of a...

5.4CVSS6AI score0.00026EPSS

Exploits0References6

Positive Technologies•added 2025/10/24 12:0 a.m.•3 views

PT-2025-43579

Name of the Vulnerable Software and Affected Versions Pleasanter affected versions not specified Description Pleasanter has a stored cross-site scripting issue in the Preview for Attachments feature. This allows an attacker to execute an arbitrary script within the web browser of a logged-in user...

6.1CVSS5.9AI score0.00026EPSS

Exploits0References6

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-36851

Malicious code in bioql PyPI...

6.5CVSS5.2AI score0.00414EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-50876

Malicious code in bioql PyPI...

6.1CVSS5.7AI score0.00631EPSS

Exploits0References2