5 matches found
CVE-2026-44667
FACTION is a PenTesting Report Generation and Collaboration Framework. A stored XSS flaw exists prior to version 1.8.3 where user-supplied attachment filename values are persisted and rendered into HTML and attribute contexts without output encoding in remediation verification/file preview flows....
CVE-2026-44667 Faction: Stored XSS in Remediation Verification Attachment Filename Preview Rendering
FACTION is a PenTesting Report Generation and Collaboration Framework. Prior to 1.8.3, Faction is vulnerable to stored cross-site scripting XSS via attachment filenames in remediation verification file preview flows. User-supplied filename values are persisted and then rendered into HTML and...
CVE-2026-44667 Faction: Stored XSS in Remediation Verification Attachment Filename Preview Rendering
FACTION is a PenTesting Report Generation and Collaboration Framework. Prior to 1.8.3, Faction is vulnerable to stored cross-site scripting XSS via attachment filenames in remediation verification file preview flows. User-supplied filename values are persisted and then rendered into HTML and...
CVE-2026-44667
FACTION is a PenTesting Report Generation and Collaboration Framework. Prior to 1.8.3, Faction is vulnerable to stored cross-site scripting XSS via attachment filenames in remediation verification file preview flows. User-supplied filename values are persisted and then rendered into HTML and...
cambodiaexpatsonline.com Cross Site Scripting vulnerability OBB-3919482
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...