2 matches found
CVE-2026-39354
Scoold is a Q&A and a knowledge sharing platform for teams. Prior to 1.66.2, an authenticated authorization flaw in Scoold allows any logged-in, low-privilege user to overwrite another user's existing question by supplying that question's public ID as the postId parameter to POST /questions/ask...
CVE-2018-20875
cPanel before 74.0.8 allows self XSS in the WHM Security Questions interface SEC-433...