Lucene search
K

5 matches found

EUVD
EUVD
added 2026/06/26 12:32 a.m.5 views

EUVD-2020-31260

Grav before 1.6.30 contains a cross-site scripting vulnerability in the Admin plugin page editor default security configuration. Privileged users with page editing capabilities can inject malicious scripts to execute arbitrary code and install malicious plugins for system access...

5.4CVSS6.1AI score0.00167EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 10:16 p.m.7 views

CVE-2020-37256

Grav before 1.6.30 contains a cross-site scripting vulnerability in the Admin plugin page editor default security configuration. Privileged users with page editing capabilities can inject malicious scripts to execute arbitrary code and install malicious plugins for system access...

5.4CVSS0.00167EPSS
Exploits0References2
NVD
NVD
added 2026/05/19 10:16 a.m.18 views

CVE-2026-46723

The additionaltables configuration of the page and ttcontent indexers accepts arbitrary table and field names. A backend user with permission to edit indexer configurations can copy sensitive data from internal TYPO3 tables into the search index...

5.9CVSS0.00318EPSS
Exploits0References1
NVD
NVD
added 2026/03/05 8:16 p.m.6 views

CVE-2026-28222

Wagtail is an open source content management system built on Django. Prior to versions 6.3.8, 7.0.6, 7.2.3, and 7.3.1, a stored cross-site scripting XSS vulnerability exists on rendering TableBlock blocks within a StreamField. A user with access to create or edit pages containing TableBlock...

6.1CVSS0.00418EPSS
Exploits0References9
OSV
OSV
added 2021/09/22 5:26 p.m.4 views

DRUPAL-CONTRIB-2021-039

This module provides an admin interface for creating drop down menus that combine Drupal menu items with rich media content. It does not sufficiently sanitize user input such that an admin with permissions to edit a menu may be able to exploit one or more Cross-Site-Scripting XSS vulnerabilities...

6.5AI score
Exploits0References1
Rows per page
Query Builder