Lucene search
+L

5 matches found

EUVD
EUVD
added 2026/06/09 1:23 p.m.14 views

EUVD-2026-35438

Logseq is vulnerable to a sandbox escape flaw where plugins running in sandboxed iframes can inject arbitrary HTML attributes, such as event handlers, into their container element in the host DOM. Due to a disabled Content Security Policy CSP, this allows a malicious plugin to execute arbitrary...

8.7CVSS5.8AI score0.0027EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:33 p.m.12 views

CVE-2026-45231

DumbAssets through 1.0.11 contains a stored cross-site scripting vulnerability in asset fields including name, description, modelNumber, serialNumber, and tags that are stored without server-side sanitization and rendered using innerHTML without client-side escaping. Attackers can create or updat...

6.1CVSS5.6AI score0.00186EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/02 12:0 a.m.5 views

Aimeos GrapesJS CMS 跨站脚本漏洞

Aimeos GrapesJS CMS is a content management system for Aimeos Individual Developers. A cross-site scripting vulnerability exists in Aimeos GrapesJS CMS, which stems from the potential injection of JavaScript code when CSP is disabled, potentially leading to a stored cross-site scripting attack. T...

7.6CVSS6.2AI score0.00238EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 9:19 a.m.5 views

CVE-2024-35234

Discourse is an open-source discussion platform. Prior to version 3.2.3 on the stable branch and version 3.3.0.beta3 on the tests-passed branch, an attacker can execute arbitrary JavaScript on users’ browsers by posting a specific URL containing maliciously crafted meta tags. This issue only...

6.1CVSS7.2AI score0.00333EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:1 a.m.5 views

CVE-2023-28358

A vulnerability has been discovered in Rocket.Chat where a markdown parsing issue in the "Search Messages" feature allows the insertion of malicious tags. This can be exploited on servers with content security policy disabled possible leading to some issues attacks like account takeover...

6.1CVSS7AI score0.00389EPSS
Exploits0References1
Rows per page
Query Builder