3 matches found
CVE-2026-58037
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Language/Language.Php, includes/Logging/BlockLogFormatter.Php, includes/Logging/LogFormatter.Php,...
CVE-2022-39038
Agentflow BPM enterprise management system has improper authentication. A remote attacker with general user privilege can change the name of the user account to acquire arbitrary account privilege, and access, manipulate system or disrupt service...
CVE-2011-4939
The pidginconvchatrenameuser function in gtkconv.c in Pidgin before 2.10.2 allows remote attackers to cause a denial of service NULL pointer dereference and application crash by changing a nickname while in an XMPP chat room...