Lucene search
K

98 matches found

NVD
NVD
added 2026/07/01 9:17 p.m.6 views

CVE-2026-55660

Tina is a headless content management system. In versions prior to @tinacms/app 2.5.6 and tinacms 3.9.3, cross-origin postMessage handlers and a rich-text URL-sanitization bypass enable stored XSS and session takeover. The library registers window message listeners — the useTina overlay handler,...

7.6CVSS0.00196EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/23 4:51 p.m.42 views

CVE-2026-54007 Open WebUI: Cross-origin postMessage confirmation bypass via action:submit

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, the chat message listener allows non-same-origin input:prompt and action:submit messages, so an external site can set prompt text and trigger submitPrompt in an authenticated victim...

7.1CVSS0.00162EPSS
Exploits1References1
CVE
CVE
added 2026/06/23 4:51 p.m.23 views

CVE-2026-54007

CVE-2026-54007 describes a cross-origin postMessage bypass in Open WebUI prior to version 0.9.6. The root cause is a chat input/submit flow in the Chat.svelte window message listener that accepts non-same-origin messages (input:prompt and action:submit) and forwards them to submitPrompt(), enabli...

7.1CVSS5.8AI score0.00162EPSS
Exploits1References1Affected Software1
Snyk
Snyk
added 2026/06/19 9:15 p.m.5 views

Improper Verification of Source of a Communication Channel

Overview Affected versions of this package are vulnerable to Improper Verification of Source of a Communication Channel via improper validation of cross-origin messages in the window message listeners. An attacker can hijack authenticated editing sessions by sending crafted postMessage events fro...

8.5CVSS5.9AI score0.00196EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/06/19 9:15 p.m.6 views

TinaCMS: Cross-origin postMessage handlers and rich-text URL-sanitization bypass enable stored XSS and session takeover

TinaCMS registers window message listeners — the useTina overlay handler, the OAuth authentication popup handler, and the admin↔preview iframe GraphQL reducer — that act on event.data without verifying event.origin or event.source, and post messages using non-specific target origins. A page the...

7.6CVSS5.8AI score0.00196EPSS
Exploits0References3Affected Software2
Github Security Blog
Github Security Blog
added 2026/06/17 2:10 p.m.10 views

Open WebUI: Cross-origin postMessage confirmation bypass via action:submit

Summary The chat message listener allows non-same-origin input:prompt and action:submit messages, so an external site can set prompt text and trigger submitPrompt in an authenticated victim session. I validated this with a cross-origin attacker page that auto-posted messages and caused unauthoriz...

7.1CVSS5.5AI score0.00162EPSS
Exploits1References2Affected Software1
NCSC
NCSC
added 2026/06/05 8:34 a.m.17 views

The vulnerability was exploited in SolarWinds Serv-U.

SolarWinds has identified a vulnerability in Serv-U. A malicious individual could exploit this vulnerability to cause a Denial-of-Service attack by sending a specially crafted POST message. SolarWinds has released a hotfix and published mitigation measures to address this vulnerability and preven...

7.5CVSS5.5AI score0.10659EPSS
Exploits2References2
ATTACKERKB
ATTACKERKB
added 2026/05/20 6:0 p.m.7 views

CVE-2026-47099

TeleJSON prior to 6.0.0 contains a DOM-based cross-site scripting vulnerability in the parse function that allows attackers to execute arbitrary JavaScript by delivering a crafted JSON payload containing a malicious constructor-name property value. The custom reviver passes the constructor name...

6.1CVSS6AI score0.00358EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/20 6:0 p.m.31 views

CVE-2026-47099 TeleJSON < 6.0.0 DOM-based XSS via parse() Function

TeleJSON prior to 6.0.0 contains a DOM-based cross-site scripting vulnerability in the parse function that allows attackers to execute arbitrary JavaScript by delivering a crafted JSON payload containing a malicious constructor-name property value. The custom reviver passes the constructor name...

6.1CVSS0.00358EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/20 6:0 p.m.14 views

EUVD-2026-31150

TeleJSON prior to 6.0.0 contains a DOM-based cross-site scripting vulnerability in the parse function that allows attackers to execute arbitrary JavaScript by delivering a crafted JSON payload containing a malicious constructor-name property value. The custom reviver passes the constructor name...

6.1CVSS6AI score0.00358EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.12 views

TeleJSON 跨站脚本漏洞

TeleJSON is an open-source JSON extension library developed by Storybook that supports complex data types. Versions of TeleJSON prior to 6.0.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from a DOM-based cross-site scripting vulnerability within the parse function...

6.1CVSS5.8AI score0.00358EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/18 6:50 p.m.41 views

CVE-2026-45243 Summarize < 0.15.1 Browser Extension Missing Authorization via Content Script

Summarize prior to 0.15.1 contains a missing authorization vulnerability in the content script window.postMessage bridge that allows malicious pages to perform unauthorized operations on automation artifacts. Attackers can simulate runtime messages with spoofed sender identifiers to list, read,...

6.1CVSS0.00195EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/05/08 3:45 p.m.7 views

CVE-2026-41886

locize is a localization platform that connects code and i18n setup. Prior to version 4.0.21, the locize client SDK registers a window.addEventListener"message", … handler that dispatches to registered internal handlers editKey, commitKey, commitKeys, isLocizeEnabled, requestInitialize, … without...

7.5CVSS5.8AI score0.00101EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/05/08 3:45 p.m.36 views

CVE-2026-41886 locize Client SDK: Cross-origin DOM XSS & Handler Hijack Through Missing e.origin Validation in InContext Editor

locize is a localization platform that connects code and i18n setup. Prior to version 4.0.21, the locize client SDK registers a window.addEventListener"message", … handler that dispatches to registered internal handlers editKey, commitKey, commitKeys, isLocizeEnabled, requestInitialize, … without...

7.5CVSS0.00101EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/08 3:45 p.m.9 views

CVE-2026-41886 locize Client SDK: Cross-origin DOM XSS & Handler Hijack Through Missing e.origin Validation in InContext Editor

locize is a localization platform that connects code and i18n setup. Prior to version 4.0.21, the locize client SDK registers a window.addEventListener"message", … handler that dispatches to registered internal handlers editKey, commitKey, commitKeys, isLocizeEnabled, requestInitialize, … without...

7.5CVSS5.8AI score0.00101EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/04 8:21 p.m.8 views

CVE-2026-7686

A vulnerability was found in eyeo Adblock Plus up to 4.36.2 on Chrome. Affected by this vulnerability is the function postMessage of the file premium.preload.js of the component Legacy Premium Activation. Performing a manipulation results in improper access controls. Remote exploitation of the...

6.9CVSS5.7AI score0.00297EPSS
Exploits0References1
CVE
CVE
added 2026/05/03 7:30 a.m.40 views

CVE-2026-7686

Eyeo Adblock Plus (Chrome) up to 4.36.2 contains a vulnerability in postMessage handling within premium.preload.js (Legacy Premium Activation). Exploitation allows improper access controls with remote execution; the attack is publicly disclosed. The vendor notes the legacy activation path is depr...

6.9CVSS5.7AI score0.00297EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/03 7:30 a.m.12 views

EUVD-2026-26824

A vulnerability was found in eyeo Adblock Plus up to 4.36.2 on Chrome. Affected by this vulnerability is the function postMessage of the file premium.preload.js of the component Legacy Premium Activation. Performing a manipulation results in improper access controls. Remote exploitation of the...

6.9CVSS5.4AI score0.00297EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/03 12:0 a.m.11 views

Adblock Plus 安全漏洞

Adblock Plus is an advertising blocker developed by Ad-IP under open source principles. Versions of Adblock Plus 4.36.2 and earlier contain a security vulnerability, which stems from the postMessage function in the Legacy Premium Activation component’s premium.preload.js file. This vulnerability...

6.9CVSS6.1AI score0.00297EPSS
Exploits0References2
OSV
OSV
added 2026/04/22 8:32 p.m.9 views

GHSA-W937-FG2H-XHQ2 locize Client SDK: Cross-origin DOM XSS & Handler Hijack Through Missing e.origin Validation in InContext Editor

Summary Versions of the locize client SDK the browser module that wires up the locize InContext translation editor prior to 4.0.21 register a window.addEventListener"message", … handler that dispatches to registered internal handlers editKey, commitKey, commitKeys, isLocizeEnabled,...

7.5CVSS5.7AI score0.00101EPSS
Exploits0References6
Rows per page
Query Builder