Astra Linux - уязвимость в xorg-server

A flaw was discovered in xorg-x11-server in versions prior to 21.1.2 and prior to 1.20.14. An out-of-bounds access can occur in the SProcRenderCompositeGlyphs function. The greatest threat posed by this vulnerability is related to data confidentiality and integrity, as well as system availability...

CVE-2026-7460

mailcow-dockerized contains a stored cross-site scripting vulnerability in the administrator Queue Manager. The Queue Manager fetches mail queue entries from /api/v1/get/mailq/all, copies server-controlled Postfix queue fields into DataTables rows, and renders several of those fields as HTML...

EUVD-2026-31048

mailcow-dockerized contains a stored cross-site scripting vulnerability in the administrator Queue Manager. The Queue Manager fetches mail queue entries from /api/v1/get/mailq/all, copies server-controlled Postfix queue fields into DataTables rows, and renders several of those fields as HTML...

CVE-2026-7460 mailcow-dockerized 2026-03b - Stored XSS in Queue Manager via unescaped

mailcow-dockerized contains a stored cross-site scripting vulnerability in the administrator Queue Manager. The Queue Manager fetches mail queue entries from /api/v1/get/mailq/all, copies server-controlled Postfix queue fields into DataTables rows, and renders several of those fields as HTML...

CVE-2026-7460

CVE-2026-7460 affects mailcow-dockerized (2026-03b) and describes a stored cross-site scripting vulnerability in the administrator Queue Manager. The Queue Manager fetches mail queue entries from /api/v1/get/mailq/all, copies server-controlled Postfix queue fields into DataTables rows, and render...

PT-2026-42099

Name of the Vulnerable Software and Affected Versions mailcow-dockerized version 2026-03b Description A stored cross-site scripting issue exists in the administrator Queue Manager. The Queue Manager retrieves mail queue entries from the endpoint '/api/v1/get/mailq/all' and copies server-controlle...

RHEL 8 : thunderbird (RHSA-2026:19466)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:19466 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the...

CVE-2026-34246

CtrlPanel CVE-2026-34246 affects versions 1.1.1 and earlier. The vulnerability is a Stored XSS in the admin role management interface where datatable() inserts $role->name and $role->color directly into HTML and a .rawColumns(['actions','name']) setting disables automatic escaping. An admin...

EUVD-2026-30987

CtrlPanel is open-source billing software for hosting providers. Versions 1.1.1 and prior contain a Stored Cross-Site Scripting XSS vulnerability in the ticket reply notification system. Unsanitized reply content $newmessage is stored directly in database notification payloads and later rendered...

GHSA-RFH7-FXQC-Q52V @angular/platform-server: SSRF via Hostname Hijacking

Impact A Server-Side Request Forgery SSRF vulnerability exists in @angular/platform-server. The issue stems from how the server-side rendering SSR engine processes the request URL provided to the rendering entry points. When an absolute-form URL e.g., http://evil.com is passed to the rendering...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the navigateTo function when handling external redirects in server-side rendering. An attacker can execute arbitrary HTML or JavaScript in the application's origin by supplying a crafted URL containing...

Nuxt: Reflected XSS in `navigateTo()` external redirect

Summary navigateTo with external: true generates a server-side HTML redirect body containing a tag. The destination URL is only sanitized by replacing " with %22, leaving , &, and ' unencoded. An attacker who can influence the URL passed to navigateTourl, external: true can break out of the...

GHSA-FX6J-W5W5-H468 Nuxt: Reflected XSS in `navigateTo()` external redirect

Summary navigateTo with external: true generates a server-side HTML redirect body containing a tag. The destination URL is only sanitized by replacing " with %22, leaving , &, and ' unencoded. An attacker who can influence the URL passed to navigateTourl, external: true can break out of the...

CVE-2026-45303

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.5, through the HTML rendering view, scripts can be injected and executed. The frontend provides a function to visualize the HTML content of a current chat. The content is embedded in an...

CtrlPanel-gg 安全漏洞

CtrlPanel-gg is an open-source, easy-to-use, and free billing solution developed by CtrlPanel-gg. Versions of CtrlPanel-gg 1.1.1 and earlier contain security vulnerabilities. These vulnerabilities stem from the datatable method in the administrator role management interface, which directly insert...

CVE-2026-45231

DumbAssets through 1.0.11 contains a stored cross-site scripting vulnerability in asset fields including name, description, modelNumber, serialNumber, and tags that are stored without server-side sanitization and rendered using innerHTML without client-side escaping. Attackers can create or updat...

CVE-2026-45231

DumbAssets through 1.0.11 contains a stored cross-site scripting vulnerability in asset fields including name, description, modelNumber, serialNumber, and tags that are stored without server-side sanitization and rendered using innerHTML without client-side escaping. Attackers can create or updat...

CVE-2026-45231 DumbAssets 1.0.11 Stored Cross-Site Scripting via Asset Fields

DumbAssets through 1.0.11 contains a stored cross-site scripting vulnerability in asset fields including name, description, modelNumber, serialNumber, and tags that are stored without server-side sanitization and rendered using innerHTML without client-side escaping. Attackers can create or updat...

CVE-2026-45231

DumbAssets 1.0.11 is affected by a stored XSS vulnerability in asset fields (name, description, modelNumber, serialNumber, tags) that are stored without server-side sanitization and rendered via innerHTML without client-side escaping. An attacker can create or update assets through asset API endp...

CI4MS: Stored XSS in Pages Module Content via Broken html_purify Validation Rule

Summary The Pages backend module registers the htmlpurify validation rule on language-keyed page content but persists the raw, un-purified POST value into the database. The public renderer for pages Home::index → app/Views/templates/default/pages.php emits $pageInfo-content without esc, yielding...