1226 matches found
mXSS in ammonia via MathML `annotation-xml` encoding strip
If a certain set of MathML tags are enabled, an attacker can inject arbitrary JavaScript code into the user's browser. The annotation-xml tag has slightly different behavior than the other "integration point" tags in MathML and SVG, but ammonia didn't handle it, so it didn't correctly strip the...
RUSTSEC-2026-0193 mXSS in ammonia via MathML `annotation-xml` encoding strip
If a certain set of MathML tags are enabled, an attacker can inject arbitrary JavaScript code into the user's browser. The annotation-xml tag has slightly different behavior than the other "integration point" tags in MathML and SVG, but ammonia didn't handle it, so it didn't correctly strip the...
CVE-2026-10835 SALESmanago & Leadoo < 3.11.3 - Subscriber+ SQL Injection
The SALESmanago & Leadoo WordPress plugin before 3.11.3 does not properly sanitise and escape a parameter passed to one of its AJAX actions before using it in a SQL statement, and fails to enforce authorisation on that action, allowing authenticated users with minimal permissions, such as...
CVE-2026-50740
A missing sanitisation vulnerability of user input in the zone-include.php script exists in Revive Adserver 6.0.7 and earlier. A low‑privileged user could exploit the refresh parameter of the iFrame invocation tag to perform reflected XSS attacks...
CVE-2026-50745
A missing sanitisation vulnerability exists with user input in the stats-video.php script. The way URLs to this script were constructed did not follow best practices, and the output of the Smarty custom helper function url was neither properly encoded nor sanitised, allowing user‑supplied input t...
EUVD-2026-39604
A missing sanitisation vulnerability of user input in the zone-include.php script exists in Revive Adserver 6.0.7 and earlier. A low‑privileged user could exploit the refresh parameter of the iFrame invocation tag to perform reflected XSS attacks...
CVE-2026-50745
A missing sanitisation vulnerability exists with user input in the stats-video.php script. The way URLs to this script were constructed did not follow best practices, and the output of the Smarty custom helper function url was neither properly encoded nor sanitised, allowing user‑supplied input t...
EUVD-2026-39605
A missing sanitisation vulnerability exists with user input in the stats-video.php script. The way URLs to this script were constructed did not follow best practices, and the output of the Smarty custom helper function url was neither properly encoded nor sanitised, allowing user‑supplied input t...
CVE-2026-50745
CVE-2026-50745 concerns Revive Adserver’s stats-video.php where user input is reflected due to missing sanitisation and unencoded URL parameters, arising from improper handling of the Smarty url helper. The HackerOne report confirms a reflected XSS vector in this script. No exploitation status or...
PT-2026-52652
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A missing sanitisation issue exists in the stats-video.php script. The construction of URLs to this script does not follow best practices, and the output of the...
PT-2026-52648
Name of the Vulnerable Software and Affected Versions Revive Adserver versions prior to 6.0.8 Description Insufficient sanitization of user input in the 'zone-include.php' script allows a low-privileged user to execute reflected Cross-Site Scripting XSS attacks. This occurs through the refresh...
CVE-2026-47383
NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, an authenticated commenter could store HTML in row comments that executed as script when other users hovered over the comment in the expanded form view. The comment write paths persisted the raw comment body with no...
CVE-2026-34914
A missing sanitisation of user input in the zone-include.php script of Revive Adserver 6.0.6 and earlier. A low‑privileged user could exploit the clientid parameter to perform blind SQL injection attacks. Input sanitisation has been improved to ensure that all parameters processed by the script a...
CVE-2026-34915
A missing sanitisation of user input in the zone-include.php script of Revive Adserver 6.0.6 and earlier could allow a low‑privileged user to exploit the clientid parameter to perform blind SQL injection attacks. Input sanitisation has been improved to ensure that all parameters processed by the...
EUVD-2026-38500
A missing validation of user input exists when saving delivery limitations in Revive Adserver 6.0.6 and earlier. A low‑privileged user could add an unexpected component parameter and inject malicious PHP code into the compiledlimitations field, which would then be executed during banner delivery...
CVE-2026-44959
CVE-2026-44959 affects Revive Adserver up to version 6.0.6. The issue is a missing validation of user input when saving delivery limitations, allowing a low-privileged user to add an unexpected component parameter and inject malicious PHP into the compiledlimitations field, which could be execute...
CVE-2026-34914
This CVE is confirmed: Revive Adserver
EUVD-2026-38499
A missing sanitisation of user input in the zone-include.php script of Revive Adserver 6.0.6 and earlier could allow a low‑privileged user to exploit the clientid parameter to perform blind SQL injection attacks. Input sanitisation has been improved to ensure that all parameters processed by the...
CVE-2026-44960
Vulnerability summary (CVE-2026-44960) : A stored XSS exists in Revive Adserver where malicious content placed in the username could be executed when an admin views audit log details, due to missing output sanitisation. The issue is triggered by usernames being displayed in the audit log details ...
CVE-2026-34914
A missing sanitisation of user input in the zone-include.php script of Revive Adserver 6.0.6 and earlier. A low‑privileged user could exploit the clientid parameter to perform blind SQL injection attacks. Input sanitisation has been improved to ensure that all parameters processed by the script a...