Lucene search
K

37 matches found

RedhatCVE
RedhatCVE
added 2026/02/23 7:35 p.m.8 views

CVE-2026-2947

A vulnerability was detected in rymcu forest up to 0.0.5. This affects the function updateUserInfo of the file - src/main/java/com/rymcu/forest/web/api/user/UserInfoController.java of the component User Profile Handler. The manipulation results in cross site scripting. The attack can be executed...

5.4CVSS3.5AI score0.00276EPSS
Exploits1References1
OSV
OSV
added 2026/02/22 2:16 p.m.9 views

CVE-2026-2947

A vulnerability was detected in rymcu forest up to 0.0.5. This affects the function updateUserInfo of the file - src/main/java/com/rymcu/forest/web/api/user/UserInfoController.java of the component User Profile Handler. The manipulation results in cross site scripting. The attack can be executed...

5.4CVSS4.1AI score0.00276EPSS
Exploits1References4
NVD
NVD
added 2026/02/22 2:16 p.m.9 views

CVE-2026-2947

A vulnerability was detected in rymcu forest up to 0.0.5. This affects the function updateUserInfo of the file - src/main/java/com/rymcu/forest/web/api/user/UserInfoController.java of the component User Profile Handler. The manipulation results in cross site scripting. The attack can be executed...

5.4CVSS0.00276EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/02/22 1:32 p.m.7 views

CVE-2026-2947

A vulnerability was detected in rymcu forest up to 0.0.5. This affects the function updateUserInfo of the file - src/main/java/com/rymcu/forest/web/api/user/UserInfoController.java of the component User Profile Handler. The manipulation results in cross site scripting. The attack can be executed...

5.1CVSS3.6AI score0.00276EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/02/22 1:32 p.m.30 views

CVE-2026-2947 rymcu forest User Profile UserInfoController.java updateUserInfo cross site scripting

A vulnerability was detected in rymcu forest up to 0.0.5. This affects the function updateUserInfo of the file - src/main/java/com/rymcu/forest/web/api/user/UserInfoController.java of the component User Profile Handler. The manipulation results in cross site scripting. The attack can be executed...

5.1CVSS0.00276EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/02/22 1:32 p.m.3 views

CVE-2026-2947 rymcu forest User Profile UserInfoController.java updateUserInfo cross site scripting

A vulnerability was detected in rymcu forest up to 0.0.5. This affects the function updateUserInfo of the file - src/main/java/com/rymcu/forest/web/api/user/UserInfoController.java of the component User Profile Handler. The manipulation results in cross site scripting. The attack can be executed...

5.1CVSS4AI score0.00276EPSS
Exploits1References4
CVE
CVE
added 2026/02/22 1:32 p.m.17 views

CVE-2026-2947

CVE-2026-2947 affects rymcu forest up to version 0.0.5, specifically the updateUserInfo function in src/main/java/com/rymcu/forest/web/api/user/UserInfoController.java of the User Profile Handler. The issue enables cross-site scripting due to the underlying manipulation, allowing remote execution...

5.4CVSS3.6AI score0.00276EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/02/22 1:16 p.m.7 views

CVE-2026-2946

A security vulnerability has been detected in rymcu forest up to 0.0.5. Affected by this issue is the function XssUtils.replaceHtmlCode of the file src/main/java/com/rymcu/forest/util/XssUtils.java of the component Article Content/Comments/Portfolio. The manipulation leads to cross site scripting...

5.4CVSS4AI score0.00217EPSS
Exploits1References4
NVD
NVD
added 2026/02/22 1:16 p.m.8 views

CVE-2026-2946

A security vulnerability has been detected in rymcu forest up to 0.0.5. Affected by this issue is the function XssUtils.replaceHtmlCode of the file src/main/java/com/rymcu/forest/util/XssUtils.java of the component Article Content/Comments/Portfolio. The manipulation leads to cross site scripting...

5.4CVSS0.00217EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/02/22 1:2 p.m.7 views

CVE-2026-2946

A security vulnerability has been detected in rymcu forest up to 0.0.5. Affected by this issue is the function XssUtils.replaceHtmlCode of the file src/main/java/com/rymcu/forest/util/XssUtils.java of the component Article Content/Comments/Portfolio. The manipulation leads to cross site scripting...

5.1CVSS3.5AI score0.00217EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/02/22 1:2 p.m.29 views

CVE-2026-2946 rymcu forest Article Content/Comments/Portfolio XssUtils.java XssUtils.replaceHtmlCode cross site scripting

A security vulnerability has been detected in rymcu forest up to 0.0.5. Affected by this issue is the function XssUtils.replaceHtmlCode of the file src/main/java/com/rymcu/forest/util/XssUtils.java of the component Article Content/Comments/Portfolio. The manipulation leads to cross site scripting...

5.1CVSS0.00217EPSS
Exploits1References4
CVE
CVE
added 2026/02/22 1:2 p.m.21 views

CVE-2026-2946

CVE-2026-2946 affects rymcu forest up to version 0.0.5. The vulnerability is in the function XssUtils.replaceHtmlCode (src/main/java/com/rymcu/forest/util/XssUtils.java) of the Article Content/Comments/Portfolio component, enabling cross-site scripting. The issue enables remote exploitation and t...

5.4CVSS3.5AI score0.00217EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/22 12:0 a.m.12 views

PT-2026-21431

Name of the Vulnerable Software and Affected Versions rymcu forest versions prior to 0.0.6 Description A security issue exists in rymcu forest up to version 0.0.5. The XssUtils.replaceHtmlCode function within the src/main/java/com/rymcu/forest/util/XssUtils.java file, part of the Article...

5.1CVSS4AI score0.00217EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/02/22 12:0 a.m.7 views

PT-2026-21450

Name of the Vulnerable Software and Affected Versions rymcu forest versions up to 0.0.5 Description A cross-site scripting issue exists in rymcu forest. The issue is located in the updateUserInfo function within the src/main/java/com/rymcu/forest/web/api/user/UserInfoController.java file of the...

5.1CVSS4.6AI score0.00276EPSS
Exploits1References7
OSV
OSV
added 2025/11/10 2:15 a.m.6 views

CVE-2025-12925

A security flaw has been discovered in rymcu forest up to de53ce79db9faa2efc4e79ce1077a302c42a1224. Impacted is the function getAll/addDic/getAllDic/deleteDic of the file src/main/java/com/rymcu/forest/lucene/api/UserDicController.java. The manipulation results in missing authorization. The attac...

9.8CVSS5.5AI score0.00429EPSS
Exploits1References5
OSV
OSV
added 2025/11/10 2:15 a.m.3 views

CVE-2025-12924

A vulnerability was identified in rymcu forest up to de53ce79db9faa2efc4e79ce1077a302c42a1224. This issue affects the function GlobalResult of the file src/main/java/com/rymcu/forest/web/api/bank/BankController.java. The manipulation leads to missing authorization. The attack may be initiated...

6.5CVSS5.5AI score0.00335EPSS
Exploits1References5
NVD
NVD
added 2025/11/10 2:15 a.m.5 views

CVE-2025-12924

A vulnerability was identified in rymcu forest up to de53ce79db9faa2efc4e79ce1077a302c42a1224. This issue affects the function GlobalResult of the file src/main/java/com/rymcu/forest/web/api/bank/BankController.java. The manipulation leads to missing authorization. The attack may be initiated...

6.5CVSS0.00335EPSS
Exploits1References5
EUVD
EUVD
added 2025/11/10 1:32 a.m.5 views

EUVD-2025-38727

A security flaw has been discovered in rymcu forest up to de53ce79db9faa2efc4e79ce1077a302c42a1224. Impacted is the function getAll/addDic/getAllDic/deleteDic of the file src/main/java/com/rymcu/forest/lucene/api/UserDicController.java. The manipulation results in missing authorization. The attac...

7.5CVSS6.3AI score0.00429EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/11/10 1:32 a.m.4 views

CVE-2025-12925 rymcu forest UserDicController.java deleteDic authorization

A security flaw has been discovered in rymcu forest up to de53ce79db9faa2efc4e79ce1077a302c42a1224. Impacted is the function getAll/addDic/getAllDic/deleteDic of the file src/main/java/com/rymcu/forest/lucene/api/UserDicController.java. The manipulation results in missing authorization. The attac...

7.5CVSS6.5AI score0.00429EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/11/10 1:32 a.m.12 views

CVE-2025-12925 rymcu forest UserDicController.java deleteDic authorization

A security flaw has been discovered in rymcu forest up to de53ce79db9faa2efc4e79ce1077a302c42a1224. Impacted is the function getAll/addDic/getAllDic/deleteDic of the file src/main/java/com/rymcu/forest/lucene/api/UserDicController.java. The manipulation results in missing authorization. The attac...

7.5CVSS0.00429EPSS
Exploits1References5
Rows per page
Query Builder