Lucene search
K

5 matches found

CVE
CVE
added 2026/03/26 8:25 p.m.7 views

CVE-2026-33738

Vulnerability summary (CVE-2026-33738) : Lychee prior to version 7.5.3 is affected. The photo description field is stored without HTML sanitization and is rendered via unescaped Blade output ({!! $item->summary !!}) in the RSS, Atom, and JSON feed templates. The publicly accessible /feed endpo...

5.4CVSS5.9AI score0.00214EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/03/26 8:25 p.m.22 views

CVE-2026-33738 Lychee Vulnerable to Stored XSS via Photo Description in RSS/Atom/JSON Feed (No Sanitization on Public Endpoint)

Lychee is a free, open-source photo-management tool. Prior to version 7.5.3, the photo description field is stored without HTML sanitization and rendered using !! $item-summary !! Blade unescaped output in the RSS, Atom, and JSON feed templates. The /feed endpoint is publicly accessible without...

4.8CVSS0.00214EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/10/17 12:0 a.m.4 views

WordPress Plugin Helpful 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...

5.3CVSS6.1AI score0.00769EPSS
Exploits2References2
The Hacker News
The Hacker News
added 2021/02/10 12:57 p.m.7 views

Dependency Confusion Supply-Chain Attack Hit Over 35 High-Profile Companies

In what's a novel supply chain attack, a security researcher managed to breach over 35 major companies' internal systems, including that of Microsoft, Apple, PayPal, Shopify, Netflix, Yelp, Tesla, and Uber, and achieve remote code execution. The technique, called dependency confusion or a...

6.1AI score
Exploits0
Circl
Circl
added 2019/09/11 4:0 a.m.14 views

CVE-2019-1214

creationtimestamp| type| source ---|---|--- 2019-09-11 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=419 2019-09-11 09:05:12+00:00| seen| https://t.me/informationsecuritychannel/30889 2019-09-12 08:23:57+00:00| seen| https://t.me/N0iSeBit/324 2021-11-08 08:58:19+00:00|...

7.8CVSS6.6AI score0.01324EPSS
Exploits0References8
Rows per page
Query Builder