Lucene search
K

187 matches found

Github Security Blog
Github Security Blog
added 2026/04/10 7:22 p.m.5 views

PraisonAI Vulnerable to Stored XSS via Unsanitized Agent Output in HTML Rendering (nh3 Not a Required Dependency)

Summary The Flask API endpoint in src/praisonai/api.py renders agent output as HTML without effective sanitization. The sanitizehtml function relies on the nh3 library, which is not listed as a required or optional dependency in pyproject.toml. When nh3 is absent the default installation, the...

6.1CVSS5.8AI score0.00216EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/04/10 7:21 p.m.1 views

GHSA-V7PX-3835-7GJX PraisonAIAgents has an OS Command Injection via shell=True in Memory Hooks Executor (memory/hooks.py)

Summary The memory hooks executor in praisonaiagents passes a user-controlled command string directly to subprocess.run with shell=True at src/praisonai-agents/praisonaiagents/memory/hooks.py lines 303 to 305. No sanitization, no shlex.quote, no character filter, and no allowlist check exists...

9.3CVSS6.4AI score0.00229EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/04/09 9:16 p.m.2 views

CVE-2026-40112

PraisonAI is a multi-agent teams system. Prior to 4.5.128, the Flask API endpoint in src/praisonai/api.py renders agent output as HTML without effective sanitization. The sanitizehtml function relies on the nh3 library, which is not listed as a required or optional dependency in pyproject.toml...

5.4CVSS6AI score0.00216EPSS
Exploits1References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/04/08 7:34 p.m.6 views

CVE-2026-35585

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. From 2.0.0 until 2.33.8, the hook system in File Browser — which executes administrator-defined shell commands on file events such as upload, rename, and delete...

7.5CVSS6.1AI score0.01922EPSS
Exploits2References1
OSV
OSV
added 2026/04/08 7:15 p.m.10 views

GHSA-FJPJ-6QCQ-6PW2 CI4MS has stored XSS in Pages Content Due to Missing html_purify Sanitization

Summary The Pages module does not apply the htmlpurify validation rule to content fields during create and update operations, while the Blog module does. Page content is stored unsanitized in the database and rendered as raw HTML on the public frontend via echo $pageInfo-content. An authenticated...

5.5CVSS5.9AI score0.00247EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/04/08 2:30 p.m.18 views

CVE-2026-39392 CI4MS has Stored XSS in Pages Content Due to Missing html_purify Sanitization

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to 0.31.4.0, the Pages module does not apply the htmlpurify validation rule to content fields during create and update operations, while the Blog...

5.5CVSS0.00247EPSS
Exploits1References1
EUVD
EUVD
added 2026/04/08 9:31 a.m.6 views

EUVD-2026-20119

The Inquiry Form to Posts or Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Form Header' field in versions up to and including 1.0. This is due to insufficient input sanitization when saving via updateoption and lack of output escaping when displaying the stored...

4.4CVSS6.1AI score0.00254EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.7 views

PT-2026-31287

Name of the Vulnerable Software and Affected Versions pdfl.io plugin for WordPress versions up to and including 1.0.5 Description The pdfl.io plugin for WordPress is susceptible to Stored Cross-Site Scripting through the 'pdflio' shortcode. This occurs because of inadequate input sanitization and...

6.4CVSS5.9AI score0.00296EPSS
Exploits0References10
OSV
OSV
added 2026/04/03 9:53 p.m.5 views

GHSA-GJW9-34GF-RP6M Budibase: Command Injection in Bash Automation Step

Location: packages/server/src/automations/steps/bash.ts Description The bash automation step executes user-provided commands using execSync without proper sanitization or validation. User input is processed through processStringSync which allows template interpolation, potentially allowing...

8.8CVSS6.5AI score0.00466EPSS
Exploits0References4
OSV
OSV
added 2026/04/03 9:45 p.m.1 views

GHSA-HG73-4W7G-Q96W SandboxJS: Sandbox Escape via Prop Object Leak in New Handler

Description A scope modification vulnerability exists in @nyariv/sandboxjs version 0.8.35 and below. The vulnerability allows untrusted sandboxed code to leak internal interpreter objects through the new operator, exposing sandbox scope objects in the scope hierarchy to untrusted code; an...

6.9CVSS6.1AI score0.00292EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/04/03 9:45 p.m.20 views

SandboxJS: Sandbox Escape via Prop Object Leak in New Handler

Description A scope modification vulnerability exists in @nyariv/sandboxjs version 0.8.35 and below. The vulnerability allows untrusted sandboxed code to leak internal interpreter objects through the new operator, exposing sandbox scope objects in the scope hierarchy to untrusted code; an...

7.2CVSS6.1AI score0.00292EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2026/03/30 3:16 p.m.3 views

CVE-2026-30566

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the viewcustomers.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script o...

6.1CVSS0.0021EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/30 12:0 a.m.2 views

CVE-2026-30564

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the viewpayments.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or...

6.1CVSS6AI score0.00205EPSS
Exploits1References2
CVE
CVE
added 2026/03/30 12:0 a.m.9 views

CVE-2026-30566

CVE-2026-30566 is a reflected XSS in SourceCodester Sales and Inventory System 1.0, caused by failure to sanitize the limit parameter in view_customers.php. This allows remote attackers to inject arbitrary script/HTML via a crafted URL. Affected component: view_customers.php (limit parameter); im...

6.1CVSS6AI score0.0021EPSS
Exploits1References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/28 4:56 a.m.4 views

CVE-2026-30570

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0 in the viewsales.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...

6.1CVSS6AI score0.00266EPSS
Exploits1References1
CVE
CVE
added 2026/03/27 9:13 p.m.89 views

CVE-2026-33941

The CVE-2026-33941 issue affects the Handlebars CLI precompiler (bin/handlebars, lib/precompiler.js) from versions 4.0.0–4.7.8, where user-controlled template filenames and CLI options are concatenated into the emitted JavaScript without escaping. An attacker who can influence filenames or argume...

8.2CVSS6AI score0.00291EPSS
Exploits1References8Affected Software1
EUVD
EUVD
added 2026/03/27 6:31 p.m.3 views

EUVD-2026-16676

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file specifically the savecustomer action. The application fails to properly sanitize user input supplied to the "username" parameter. This allows an attacker to inject malicious SQL command...

9.8CVSS6AI score0.00476EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2026/03/24 4:4 p.m.5 views

sbt: Source dependency feature (via crafted VCS URL) leads to arbitrary code execution on Windows

Summary On Windows, sbt uses Process"cmd", "/c", ... to run VCS commands git, hg, svn. The URI fragment branch, tag, revision is user-controlled via the build definition and passed to these commands without validation. Because cmd /c interprets &, |, and ; as command separators, a malicious...

7.8CVSS6.2AI score0.00304EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2026/03/21 3:26 a.m.33 views

CVE-2026-4072 WordPress PayPal Donation <= 1.01 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'amount' Shortcode Attribute

The WordPress PayPal Donation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'donate' shortcode in all versions up to, and including, 1.01. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes such as 'amount', 'email'...

6.4CVSS0.00193EPSS
Exploits0References5
NVD
NVD
added 2026/03/19 9:17 p.m.6 views

CVE-2026-27570

Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, the onebox method in the SharedAiConversation model renders the conversation title directly into HTML without proper sanitization. Versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2 conta...

6.1CVSS0.00347EPSS
Exploits0References4
Rows per page
Query Builder