4 matches found
EUVD-2026-16783
Mastodon is a free, open-source social network server based on ActivityPub. Prior to versions 4.5.8, 4.4.15, and 4.3.21, an unauthenticated Open Redirect vulnerability (CWE-601) exists in the /web/ route due to improper handling of URL-encoded path segments. An attacker can craft a specially encode...
PT-2019-14903 · Fusionpbx · Fusionpbx
Name of the Vulnerable Software and Affected Versions: FusionPBX versions prior to 4.5.8. Description: The issue concerns the use of an unsanitized id variable in the file appaccess controlsaccess control nodes.php, which is reflected in HTML. This leads to a cross-site scripting (XSS) issue, allowi...
PT-2019-14899 · Fusionpbx · Fusionpbx
Name of the Vulnerable Software and Affected Versions: FusionPBX versions prior to 4.5.8. Description: The issue concerns the use of an unsanitized id variable in the contact urls.php file, which is reflected in HTML. This leads to a potential XSS issue. Recommendations: For FusionPBX versions pri...
Adobe Digital Editions Information Disclosure Vulnerability (CNVD-2018-26547)
Adobe Digital Editions (DE) is e-book reading and management software from the US company Adobe. The software can open, read and manage PDF, XML and Flash files. In Adobe DE 4.5.8 and previous versions on Windows, Macintosh and iOS-based platforms, a security vulnerability exists...