6684 matches found
EUVD-2026-8687
Angular SSR has an Open Redirect via X-Forwarded-Prefix...
Angular SSR has an Open Redirect via X-Forwarded-Prefix
An Open Redirect vulnerability exists in the internal URL processing logic in Angular SSR. The logic normalizes URL segments by stripping leading slashes; however, it only removes a single leading slash. When an Angular SSR application is deployed behind a proxy that passes the X-Forwarded-Prefix...
Vikunja: Stored XSS via Unsanitized SVG Attachment Upload Leads to Token Exposure
Details The application allows users to upload SVG files as task attachments. SVG is an XML-based format that supports JavaScript execution through elements such as tags or event handlers like onload. The application does not sanitize SVG content before storing it. When the uploaded SVG file is...
CVE-2026-26351
GetSimpleCMS Community Edition CE versions prior to 3.3.22 3.3.16 tested contains a stored cross-site scripting XSS vulnerability in the Theme to Components functionality within components.php. User-supplied input provided to the "slug" field of a component is stored without proper output encodin...
CVE-2026-27616
Vikunja is an open-source self-hosted task management platform. Prior to version 2.0.0, the application allows users to upload SVG files as task attachments. SVG is an XML-based format that supports JavaScript execution through elements such as tags or event handlers like onload. The application...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS in the rendering of user-controlled input in the identity name field without proper output encoding. An attacker can execute arbitrary JavaScript in the context of the WebUI by storing malicious scripts in the...
ImageMagick: SVG-to-MVG Command Injection via coders/svg.c
An attacker can inject arbitrary MVG Magick Vector Graphics drawing commands in an SVG file that is read by the internal SVG decoder of ImageMagick. The injected MVG commands execute during rendering...
GHSA-XPG8-7M6M-JF56 ImageMagick: SVG-to-MVG Command Injection via coders/svg.c
An attacker can inject arbitrary MVG Magick Vector Graphics drawing commands in an SVG file that is read by the internal SVG decoder of ImageMagick. The injected MVG commands execute during rendering...
Rucio WebUI has a Reflected Cross-site Scripting Vulnerability
Summary A reflected Cross-site Scripting vulnerability was located in the rendering of the ExceptionMessage of the WebUI 500 error which could allow attackers to steal login session tokens of users who navigate to a specially crafted URL. Details The WebUI error message renders ExceptionMessage...
CVE-2026-27739
The Angular SSR is a server-rise rendering tool for Angular applications. Versions prior to 21.2.0-rc.1, 21.1.5, 20.3.17, and 19.2.21 have a Server-Side Request Forgery SSRF vulnerability in the Angular SSR request handling pipeline. The vulnerability exists because Angular’s internal URL...
CVE-2026-27738
The Angular SSR is a server-rise rendering tool for Angular applications. An Open Redirect vulnerability exists in the internal URL processing logic in versions on the 19.x branch prior to 19.2.21, the 20.x branch prior to 20.3.17, and the 21.x branch prior to 21.1.5 and 21.2.0-rc.1. The logic...
CVE-2026-27739 Angular SSR is vulnerable to SSRF and Header Injection via request handling pipeline
The Angular SSR is a server-rise rendering tool for Angular applications. Versions prior to 21.2.0-rc.1, 21.1.5, 20.3.17, and 19.2.21 have a Server-Side Request Forgery SSRF vulnerability in the Angular SSR request handling pipeline. The vulnerability exists because Angular’s internal URL...
CVE-2026-27739 Angular SSR is vulnerable to SSRF and Header Injection via request handling pipeline
The Angular SSR is a server-rise rendering tool for Angular applications. Versions prior to 21.2.0-rc.1, 21.1.5, 20.3.17, and 19.2.21 have a Server-Side Request Forgery SSRF vulnerability in the Angular SSR request handling pipeline. The vulnerability exists because Angular’s internal URL...
CVE-2026-27739
CVE-2026-27739 affects Angular SSR, with an SSRF vulnerability in the request handling pipeline. Versions prior to 21.2.0-rc.1, 21.1.5, 20.3.17, and 19.2.21 allow unvalidated Host and X-Forwarded-* headers to influence base-origin URL construction, enabling arbitrary internal request steering via...
CVE-2026-27739
The Angular SSR is a server-rise rendering tool for Angular applications. Versions prior to 21.2.0-rc.1, 21.1.5, 20.3.17, and 19.2.21 have a Server-Side Request Forgery SSRF vulnerability in the Angular SSR request handling pipeline. The vulnerability exists because Angular’s internal URL...
CVE-2026-27739 Angular SSR is vulnerable to SSRF and Header Injection via request handling pipeline
The Angular SSR is a server-rise rendering tool for Angular applications. Versions prior to 21.2.0-rc.1, 21.1.5, 20.3.17, and 19.2.21 have a Server-Side Request Forgery SSRF vulnerability in the Angular SSR request handling pipeline. The vulnerability exists because Angular’s internal URL...
CVE-2026-27738 Angular SSR has an Open Redirect via X-Forwarded-Prefix
The Angular SSR is a server-rise rendering tool for Angular applications. An Open Redirect vulnerability exists in the internal URL processing logic in versions on the 19.x branch prior to 19.2.21, the 20.x branch prior to 20.3.17, and the 21.x branch prior to 21.1.5 and 21.2.0-rc.1. The logic...
CVE-2026-27738 Angular SSR has an Open Redirect via X-Forwarded-Prefix
The Angular SSR is a server-rise rendering tool for Angular applications. An Open Redirect vulnerability exists in the internal URL processing logic in versions on the 19.x branch prior to 19.2.21, the 20.x branch prior to 20.3.17, and the 21.x branch prior to 21.1.5 and 21.2.0-rc.1. The logic...
CVE-2026-27738
The Angular SSR is a server-rise rendering tool for Angular applications. An Open Redirect vulnerability exists in the internal URL processing logic in versions on the 19.x branch prior to 19.2.21, the 20.x branch prior to 20.3.17, and the 21.x branch prior to 21.1.5 and 21.2.0-rc.1. The logic...
CVE-2026-27738
CVE-2026-27738 describes an open redirect in Angular SSR’s internal URL processing. In affected Angular SSR versions on the 19.x branch prior to 19.2.21, 20.x prior to 20.3.17, and 21.x prior to 21.1.5 and 21.2.0-rc.1, the logic that normalizes URL segments by stripping a single leading slash can...