CVE-2025-13979

Privilege Defined With Unsafe Actions vulnerability in Drupal Mini site allows Stored XSS.This issue affects Mini site: from 0.0.0 before 3.0.2...

PT-2026-5198

Name of the Vulnerable Software and Affected Versions Drupal Mini site versions prior to 3.0.2 Description A flaw exists in Drupal Mini site that allows for Stored Cross-Site Scripting XSS due to unsafe actions with defined privileges. This allows an attacker to inject malicious scripts into the...

CVE-2024-8631 Privilege Defined With Unsafe Actions in GitLab

A privilege escalation issue has been discovered in GitLab EE affecting all versions starting from 16.6 prior to 17.1.7, from 17.2 prior to 17.2.5, and from 17.3 prior to 17.3.2. A user assigned the Admin Group Member custom role could have escalated their privileges to include other custom roles...

CVE-2023-41966 Sielco Radio Link and Analog FM Transmitters Privilege Defined With Unsafe Actions

The application suffers from a privilege escalation vulnerability. A user with read permissions can elevate privileges by sending a HTTP POST to set a parameter...

Sielco Radio Link and Analog FM Transmitters

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available Vendor : Sielco Equipment : Analog FM Transmitters and Radio Link Vulnerabilities : Improper Access Control, Cross-Site Request Forgery, Privilege Defined with Unsafe...

CVE-2023-2983

Privilege Defined With Unsafe Actions in GitHub repository pimcore/pimcore prior to 10.5.23...

Privilege escalation

Privilege Defined With Unsafe Actions in GitHub repository pimcore/pimcore prior to 10.5.23...