Lucene search
K

6 matches found

Cvelist
Cvelist
added 2026/06/22 3:37 p.m.29 views

CVE-2026-11994 Akaunting 3.1.21 - Authenticated stored XSS in report description rendering

Akaunting 3.1.21 contains an authenticated stored Cross-Site Scripting vulnerability in the report management workflow. A user with permission to create or update reports can store arbitrary HTML/JavaScript in the description field of a report...

4.8CVSS0.00321EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/22 3:37 p.m.2 views

CVE-2026-11994

Akaunting 3.1.21 contains an authenticated stored Cross-Site Scripting vulnerability in the report management workflow. A user with permission to create or update reports can store arbitrary HTML/JavaScript in the description field of a report...

4.8CVSS6AI score0.00321EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/06/22 3:37 p.m.7 views

CVE-2026-11994

CVE-2026-11994 concerns Akaunting 3.1.21, reporting an authenticated stored XSS in the report description rendering . A user with permission to create or update reports can store arbitrary HTML/JavaScript in the description field of a report, potentially affecting other users interacting with the...

4.8CVSS6AI score0.00321EPSS
Exploits0References2
NVD
NVD
added 2025/12/03 5:15 p.m.4 views

CVE-2025-20383

In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and below 3.9.10, 3.8.58, and 3.7.28 of Splunk Secure Gateway app in Splunk Cloud Platform, a low-privileged user that does not hold the "admin" or "power" Splunk roles and subscribes to mobile push notifications could receive...

4.3CVSS0.00271EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/03 12:0 a.m.4 views

PT-2025-48955

Name of the Vulnerable Software and Affected Versions Splunk Enterprise versions prior to 10.0.2 Splunk Enterprise versions 9.2.10 through 9.4.6 Splunk Enterprise versions 9.3.8 Splunk Secure Gateway app versions below 3.7.28 Splunk Secure Gateway app versions 3.8.58 and below Splunk Secure Gatew...

4.3CVSS6.4AI score0.00271EPSS
Exploits0References5
OSV
OSV
added 2023/02/03 6:15 p.m.5 views

CVE-2021-36538

Cross Site Scripting XSS vulnerability in Gurock TestRail before 7.1.2 allows remote authenticated attackers to run arbitrary code via the reference field in milestones or description fields in reports...

5.4CVSS6AI score0.00551EPSS
Exploits1References1
Rows per page
Query Builder