Lucene search
K

13 matches found

Cvelist
Cvelist
added 2026/06/08 10:22 a.m.48 views

CVE-2026-47430 Cordova Plugin InAppBrowser: iOS: Arbitrary Cordova callback IDs can be dispatched without validation from InAppBrowser WebViews

Summary The iOS implementation of cordova-plugin-inappbrowser passes the id field from a WKScriptMessage body to commandDelegate sendPluginResult:callbackId: with no format validation CDVWKInAppBrowser.m:560–574. Any web content loaded inside the InAppBrowser can fire any pending Cordova callback...

9.5CVSS0.00545EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/08 10:22 a.m.5 views

CVE-2026-47430

Summary The iOS implementation of cordova-plugin-inappbrowser passes the id field from a WKScriptMessage body to commandDelegate sendPluginResult:callbackId: with no format validation CDVWKInAppBrowser.m:560–574. Any web content loaded inside the InAppBrowser can fire any pending Cordova callback...

9.5CVSS5.4AI score0.00545EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/08 10:22 a.m.42 views

CVE-2026-47430

CVE-2026-47430 affects the iOS implementation of Cordova Plugin InAppBrowser. The issue arises when the WKScriptMessage id field is passed to commandDelegate sendPluginResult:callbackId: without format validation (CDVWKInAppBrowser.m:560–574), allowing a web content loaded in the InAppBrowser to ...

9.5CVSS5.4AI score0.00545EPSS
Exploits0References2Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 4:23 a.m.4 views

SUSE CVE-2018-18245

Nagios Core 4.4.2 has XSS via the alert summary reports of plugin results, as demonstrated by a SCRIPT element delivered by a modified checkload plugin to NRPE...

4.7CVSS8.4AI score0.02552EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2018/12/21 10:50 a.m.42 views

CVE-2018-18245

Nagios Core 4.4.2 has XSS via the alert summary reports of plugin results, as demonstrated by a SCRIPT element delivered by a modified checkload plugin to NRPE...

5.4CVSS2.3AI score0.02552EPSS
Exploits1References1
NVD
NVD
added 2018/12/17 3:29 p.m.17 views

CVE-2018-18245

Nagios Core 4.4.2 has XSS via the alert summary reports of plugin results, as demonstrated by a SCRIPT element delivered by a modified checkload plugin to NRPE...

5.4CVSS5.4AI score0.02552EPSS
Exploits1References4
Prion
Prion
added 2018/12/17 3:29 p.m.21 views

Code injection

Nagios Core 4.4.2 has XSS via the alert summary reports of plugin results, as demonstrated by a SCRIPT element delivered by a modified checkload plugin to NRPE...

3.5CVSS5.2AI score0.02552EPSS
Exploits1References4Affected Software2
UbuntuCve
UbuntuCve
added 2018/12/17 3:29 p.m.33 views

CVE-2018-18245

Nagios Core 4.4.2 has XSS via the alert summary reports of plugin results, as demonstrated by a SCRIPT element delivered by a modified checkload plugin to NRPE...

5.4CVSS6.4AI score0.02552EPSS
Exploits1References2
OSV
OSV
added 2018/12/17 3:29 p.m.3 views

UBUNTU-CVE-2018-18245

Nagios Core 4.4.2 has XSS via the alert summary reports of plugin results, as demonstrated by a SCRIPT element delivered by a modified checkload plugin to NRPE...

5.4CVSS6.3AI score0.02552EPSS
Exploits1References3
OSV
OSV
added 2018/12/17 3:29 p.m.2 views

DEBIAN-CVE-2018-18245

Nagios Core 4.4.2 has XSS via the alert summary reports of plugin results, as demonstrated by a SCRIPT element delivered by a modified checkload plugin to NRPE...

5.4CVSS5.3AI score0.02552EPSS
Exploits1References1
CVE
CVE
added 2018/12/17 3:0 p.m.161 views

CVE-2018-18245

CVE-2018-18245 : Nagios Core 4.4.2 is vulnerable to a cross-site scripting (XSS) in the alert summary reports of plugin results, demonstrated by a SCRIPT element delivered via a modified check_load plugin to NRPE. The issue stems from user-facing output in the alert summary report, enabling injec...

5.4CVSS5.5AI score0.02552EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2018/12/17 3:0 p.m.37 views

CVE-2018-18245

Nagios Core 4.4.2 has XSS via the alert summary reports of plugin results, as demonstrated by a SCRIPT element delivered by a modified checkload plugin to NRPE...

5.7AI score0.02552EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2018/12/17 3:0 p.m.44 views

CVE-2018-18245

Nagios Core 4.4.2 has XSS via the alert summary reports of plugin results, as demonstrated by a SCRIPT element delivered by a modified checkload plugin to NRPE...

5.4CVSS5.7AI score0.02552EPSS
Exploits1
Rows per page
Query Builder