Lucene search
K

5 matches found

CVE
CVE
added 2026/05/26 5:42 p.m.20 views

CVE-2026-44667

FACTION is a PenTesting Report Generation and Collaboration Framework. A stored XSS flaw exists prior to version 1.8.3 where user-supplied attachment filename values are persisted and rendered into HTML and attribute contexts without output encoding in remediation verification/file preview flows....

8.7CVSS5.8AI score0.00211EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/26 5:42 p.m.39 views

CVE-2026-44667 Faction: Stored XSS in Remediation Verification Attachment Filename Preview Rendering

FACTION is a PenTesting Report Generation and Collaboration Framework. Prior to 1.8.3, Faction is vulnerable to stored cross-site scripting XSS via attachment filenames in remediation verification file preview flows. User-supplied filename values are persisted and then rendered into HTML and...

8.7CVSS0.00211EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/26 5:42 p.m.10 views

CVE-2026-44667 Faction: Stored XSS in Remediation Verification Attachment Filename Preview Rendering

FACTION is a PenTesting Report Generation and Collaboration Framework. Prior to 1.8.3, Faction is vulnerable to stored cross-site scripting XSS via attachment filenames in remediation verification file preview flows. User-supplied filename values are persisted and then rendered into HTML and...

8.7CVSS5.8AI score0.00211EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/26 5:42 p.m.9 views

CVE-2026-44667

FACTION is a PenTesting Report Generation and Collaboration Framework. Prior to 1.8.3, Faction is vulnerable to stored cross-site scripting XSS via attachment filenames in remediation verification file preview flows. User-supplied filename values are persisted and then rendered into HTML and...

8.7CVSS5.8AI score0.00211EPSS
Exploits0References3Affected Software1
Openbugbounty
Openbugbounty
added 2024/04/21 11:8 p.m.10 views

cambodiaexpatsonline.com Cross Site Scripting vulnerability OBB-3919482

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Rows per page
Query Builder