Lucene search
K

8 matches found

Cvelist
Cvelist
added 2026/03/24 3:16 p.m.21 views

CVE-2026-33336 Vikunja Desktop vulnerable to Remote Code Execution via same-window navigation

Vikunja is an open-source self-hosted task management platform. Starting in version 0.21.0 and prior to version 2.2.0, the Vikunja Desktop Electron wrapper enables nodeIntegration in the main BrowserWindow and does not restrict same-window navigations. An attacker who can place a link in...

6.5CVSS0.01115EPSS
Exploits1References2
EUVD
EUVD
added 2026/03/24 3:16 p.m.6 views

EUVD-2026-14911

Vikunja is an open-source self-hosted task management platform. Starting in version 0.21.0 and prior to version 2.2.0, the Vikunja Desktop Electron wrapper enables nodeIntegration in the main BrowserWindow and does not restrict same-window navigations. An attacker who can place a link in...

6.5CVSS6.8AI score0.01115EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/03/24 3:16 p.m.2 views

CVE-2026-33336

Vikunja is an open-source self-hosted task management platform. Starting in version 0.21.0 and prior to version 2.2.0, the Vikunja Desktop Electron wrapper enables nodeIntegration in the main BrowserWindow and does not restrict same-window navigations. An attacker who can place a link in...

6.5CVSS6.8AI score0.01115EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/24 3:16 p.m.2 views

CVE-2026-33336 Vikunja Desktop vulnerable to Remote Code Execution via same-window navigation

Vikunja is an open-source self-hosted task management platform. Starting in version 0.21.0 and prior to version 2.2.0, the Vikunja Desktop Electron wrapper enables nodeIntegration in the main BrowserWindow and does not restrict same-window navigations. An attacker who can place a link in...

6.5CVSS6.8AI score0.01115EPSS
Exploits1References2
OSV
OSV
added 2026/03/24 3:16 p.m.3 views

CVE-2026-33336 Vikunja Desktop vulnerable to Remote Code Execution via same-window navigation

Vikunja is an open-source self-hosted task management platform. Starting in version 0.21.0 and prior to version 2.2.0, the Vikunja Desktop Electron wrapper enables nodeIntegration in the main BrowserWindow and does not restrict same-window navigations. An attacker who can place a link in...

6.5CVSS6.7AI score0.01115EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/03/24 12:0 a.m.7 views

PT-2026-27444

Vikunja is an open-source self-hosted task management platform. Starting in version 0.21.0 and prior to version 2.2.0, the Vikunja Desktop Electron wrapper enables nodeIntegration in the main BrowserWindow and does not restrict same-window navigations. An attacker who can place a link in...

6.5CVSS6.8AI score0.01115EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2019/10/24 9:19 p.m.6 views

Mozilla: document.domain-based origin isolation has same-origin-property violation

A flaw was found in Mozilla's firefox and thunderbird where if two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM methods/getters/setters on the now-cross-origin window. This could cause an interaction between two...

6.1CVSS7.4AI score0.00609EPSS
Exploits0References5
CNVD
CNVD
added 2019/03/21 12:0 a.m.2 views

Unspecified Vulnerability in Moodle (CNVD-2019-35816)

Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. A security vulnerability exists in Moodle. An attacker can exploit this vulnerability to open links directly in the same window...

6.1CVSS6.8AI score0.0082EPSS
Exploits0References1
Rows per page
Query Builder