CVE-2025-59399

libocpp before 0.28.0 allows a denial of service EVerest crash because a secondary exception is thrown during error message generation...

CVE-2025-55203

Plane is open-source project management software. Prior to version 0.28.0, a stored cross-site scripting XSS vulnerability exists in the descriptionhtml field of Plane. This flaw allows an attacker to inject malicious JavaScript code that is stored and later executed in other users’ browsers. The...

CVE-2025-55203

Plane is an open‑source project management tool. A stored XSS vulnerability exists in the description_html field prior to version 0.28.0, where unsanitized/uncleaned input allows attacker‑provided JavaScript to be saved in the database and executed in other users’ browsers. Impacts include potent...

CVE-2025-55203 Plane Stored XSS in Add Work Item Functionality

Plane is open-source project management software. Prior to version 0.28.0, a stored cross-site scripting XSS vulnerability exists in the descriptionhtml field of Plane. This flaw allows an attacker to inject malicious JavaScript code that is stored and later executed in other users’ browsers. The...

SUSE CVE-2020-8553

The Kubernetes ingress-nginx component prior to version 0.28.0 allows a user with the ability to create namespaces and to read and create ingress objects to overwrite the password file of another ingress which uses nginx.ingress.kubernetes.io/auth-type: basic and which has a hyphenated namespace ...

PT-2020-6523 · Unknown · Ingress-Nginx

Name of the Vulnerable Software and Affected Versions: ingress-nginx versions prior to 0.28.0 Description: The issue is related to errors in processing hyperlinks in the ingress-nginx controller in a Kubernetes cluster. This can be exploited by a remote attacker to gain access to create, modify, ...