Lucene search
K

5 matches found

NVD
NVD
added 2026/06/10 6:16 p.m.18 views

CVE-2026-20256

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the 'admin' or 'power' Splunk roles could cause data exfiltration through classic...

5.7CVSS0.00252EPSS
Exploits0References1
Snyk
Snyk
added 2026/06/02 10:22 p.m.9 views

Open Redirect

Overview Affected versions of this package are vulnerable to Open Redirect when certain URLs with path values starting with // are processed. An attacker can redirect users to external domains by supplying specially crafted protocol-relative URLs. Note: Users that utilise Declarative Mode are not...

8.7CVSS5.4AI score0.00162EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/03/11 12:26 a.m.10 views

CraftCMS vulnerable to reflective XSS via incomplete return URL sanitization

Summary The fix for CVE-2025-35939 in craftcms/cms introduced a striptags call in src/web/User.php to sanitize return URLs before they are stored in the session. However, striptags only removes HTML tags angle brackets -- it does not inspect or filter URL schemes. Payloads like...

6.9CVSS5.9AI score0.01119EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2025/11/26 10:18 p.m.8 views

EUVD-2025-199769

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential...

7.7CVSS6.1AI score0.00572EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/11/26 12:0 a.m.4 views

Angular 安全漏洞

Angular is a development platform of Angular open source. It is used to build mobile and desktop web applications using Typescript / JavaScript and other languages. A security vulnerability exists in Angular versions prior to 19.2.16, prior to 20.3.14, and prior to 21.0.1, which stems from the...

7.7CVSS6.5AI score0.00572EPSS
Exploits0References8
Rows per page
Query Builder