Lucene search
K

4 matches found

OSV
OSV
added 2025/03/28 4:34 p.m.9 views

GHSA-8FM5-GG2F-F66Q Publify Vulnerable To Cross-Site Scripting (XSS) Via Redirects Requiring User Interaction

Summary A publisher on a publify application is able to perform a cross-site scripting attack on an administrator using the redirect functionality. Details A publisher on a publify application is able to perform a cross-site scripting attack on an administrator using the redirect functionality. T...

4.6CVSS5.9AI score0.00242EPSS
Exploits1References3
RubySec
RubySec
added 2025/03/28 12:0 a.m.13 views

Publify Vulnerable To Cross-Site Scripting (XSS) Via Redirects Requiring User Interaction

Summary A publisher on a publify application is able to perform a cross-site scripting attack on an administrator using the redirect functionality. Details A publisher on a publify application is able to perform a cross-site scripting attack on an administrator using the redirect functionality. T...

5.4CVSS6.3AI score0.00242EPSS
Exploits1References1Affected Software1
Huntr
Huntr
added 2022/05/22 8:47 p.m.25 views

The publify application allows large characters to insert in the input field "title name and post field" on the article field which can allow attackers to cause a Denial of Service (DoS)

Description Please enter a description of the vulnerability. Proof of Concept 1 - Create New article https://demo-publify.herokuapp.com/admin/content/new 2 - Fill the title name and post field with huge characters, more than 1 lakh Copy the below payload and put it in the input fields and click o...

7.5CVSS8.9AI score0.00909EPSS
Exploits1
Huntr
Huntr
added 2022/05/15 10:43 a.m.61 views

The publify application allows large characters to insert in the input field "First name and Last name" on the profile field which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request in publify / publify

Description The publify application allows large characters to insert in the input field "First name and Last name" which can allow attackers to cause a Denial of Service DoS via a crafted HTTP request Proof of Concept 1 - go to your profile https://demo-publify.herokuapp.com/admin/profiles 2 -...

7.5CVSS2.2AI score0.30778EPSS
Exploits1References2
Rows per page
Query Builder