Lucene search
K

417 matches found

Positive Technologies
Positive Technologies
added 2026/03/12 12:0 a.m.3 views

PT-2026-25020

Unhead is a document head and template manager. Prior to 2.1.11, useHeadSafe can be bypassed to inject arbitrary HTML attributes, including event handlers, into SSR-rendered tags. This is the composable that Nuxt docs recommend for safely handling user-generated content. The acceptDataAttrs...

5.3CVSS5.9AI score0.00258EPSS
Exploits1References2
NVD
NVD
added 2026/03/11 9:16 p.m.3 views

CVE-2026-32106

StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.4.3, the REST API createUser endpoint uses string-based rank checks that only block creating owner accounts, while the Dashboard API uses indexOf-based rank comparison that prevents creating users at...

7.2CVSS0.003EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/03/11 12:0 a.m.6 views

PT-2026-24822

Summary The REST API createUser endpoint uses string-based rank checks that only block creating owner accounts, while the Dashboard API uses indexOf-based rank comparison that prevents creating users at or above your own rank. This inconsistency allows an admin to create additional admin accounts...

4.7CVSS5.8AI score0.003EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/03/11 12:0 a.m.5 views

PT-2026-24821

Summary The updateUserNotifications endpoint accepts a user ID from the request payload and uses it to update that user's notification preferences. It checks that the caller is logged in but never verifies that the caller owns the target account id !== userData.user.id. Any authenticated visitor...

5.4CVSS5.9AI score0.00253EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/03/11 12:0 a.m.3 views

PT-2026-24840

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.1, Stored XSS in prescription CSS/HTML print view via patient demographics. That finding involves server-side rendering of patient names via raw PHP echo. This finding involves...

7.7CVSS5.8AI score0.00191EPSS
Exploits1References3
EUVD
EUVD
added 2026/03/10 6:16 p.m.4 views

EUVD-2026-10555

StudioCMS has Privilege Escalation via Insecure API Token Generation...

8.8CVSS5.8AI score0.00564EPSS
Exploits3References6
RedHat Linux
RedHat Linux
added 2026/03/06 11:0 a.m.4 views

react-router: @remix-run/react: React Router SSR XSS in ScrollRestoration

A cross site scripting flaw has been discovered in the npm react-router package. The cross site scripting XSS vulnerability exists in in React Router's API in Framework Mode when using the getKey/storageKey props during Server-Side Rendering which could allow arbitrary JavaScript execution during...

8.2CVSS5.4AI score0.00472EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/03/06 11:0 a.m.11 views

react-router: @remix-run/router: React Router XSS Vulnerability

The cross site scripting flaw has been discovered in the npm react-router package. A XSS vulnerability exists in in React Router's meta/ APIs in Framework Mode when generating script:ld+json tags which could allow arbitrary JavaScript execution during SSR if untrusted content is used to generate...

7.6CVSS5.4AI score0.00448EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/02/26 10:35 p.m.4 views

CVE-2026-27738

The Angular SSR is a server-rise rendering tool for Angular applications. An Open Redirect vulnerability exists in the internal URL processing logic in versions on the 19.x branch prior to 19.2.21, the 20.x branch prior to 20.3.17, and the 21.x branch prior to 21.1.5 and 21.2.0-rc.1. The logic...

6.9CVSS5.6AI score0.00302EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/26 10:34 p.m.7 views

CVE-2026-27739

The Angular SSR is a server-rise rendering tool for Angular applications. Versions prior to 21.2.0-rc.1, 21.1.5, 20.3.17, and 19.2.21 have a Server-Side Request Forgery SSRF vulnerability in the Angular SSR request handling pipeline. The vulnerability exists because Angular’s internal URL...

9.2CVSS5.8AI score0.00497EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2026/02/26 10:25 p.m.7 views

Svelte: XSS via HTML Comment Injection in SSR Error Boundary Hydration Markers

Errors from transformError were not correctly escaped prior to being embedded in the HTML output, causing potential HTML injection and XSS if attacker-controlled content is returned from transformError...

5.4CVSS5.4AI score0.00226EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/02/26 10:25 p.m.3 views

GHSA-QGVG-PR8V-6RR3 Svelte: XSS via HTML Comment Injection in SSR Error Boundary Hydration Markers

Errors from transformError were not correctly escaped prior to being embedded in the HTML output, causing potential HTML injection and XSS if attacker-controlled content is returned from transformError...

5.3CVSS5.4AI score0.00226EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/02/26 10:24 p.m.6 views

Svelte vulnerable to XSS during SSR with contenteditable `bind:innerText` and `bind:textContent`

The contents of bind:innerText and bind:textContent on contenteditable elements were not properly escaped. This could enable HTML injection and Cross-site Scripting XSS if rendering untrusted data as the binding's initial value on the server...

6.1CVSS5.4AI score0.00214EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/02/26 10:24 p.m.2 views

GHSA-PHWV-C562-GVMH Svelte vulnerable to XSS during SSR with contenteditable `bind:innerText` and `bind:textContent`

The contents of bind:innerText and bind:textContent on contenteditable elements were not properly escaped. This could enable HTML injection and Cross-site Scripting XSS if rendering untrusted data as the binding's initial value on the server...

5.3CVSS5.5AI score0.00214EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/02/26 8:20 p.m.6 views

CVE-2026-27902

A cross-site scripting XSS vulnerability was found in Svelte’s server-side rendering SSR error handling. Error messages returned from the transformError function were not properly escaped before being embedded into HTML output within hydration markers. If an application returns attacker-controlle...

5.4CVSS5.5AI score0.00226EPSS
Exploits0References6
Snyk
Snyk
added 2026/02/26 3:13 a.m.2 views

Cross-site Scripting (XSS)

Overview svelte is a package for building web applications. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the bind:innerText and bind:textContent bindings on contenteditable elements during server-side rendering. An attacker can execute arbitrary scripts in the...

8CVSS6AI score0.00214EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/26 3:13 a.m.3 views

Cross-site Scripting (XSS)

Overview org.webjars.npm:svelte is a package for building web applications. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the bind:innerText and bind:textContent bindings on contenteditable elements during server-side rendering. An attacker can execute arbitrary...

8CVSS5.9AI score0.00214EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/26 3:11 a.m.2 views

Cross-site Scripting (XSS)

Overview svelte is a package for building web applications. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the transformError function. An attacker can execute arbitrary scripts in the context of the affected application by injecting malicious content that is not...

8CVSS6AI score0.00226EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/26 12:58 a.m.4 views

CVE-2026-27902 Svelte Vulnerable to XSS via HTML Comment Injection in SSR Error Boundary Hydration Markers

Svelte performance oriented web framework. Prior to version 5.53.5, errors from transformError were not correctly escaped prior to being embedded in the HTML output, causing potential HTML injection and XSS if attacker-controlled content is returned from transformError. Version 5.53.5 fixes the...

5.3CVSS5.3AI score0.00226EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/26 12:58 a.m.20 views

CVE-2026-27902 Svelte Vulnerable to XSS via HTML Comment Injection in SSR Error Boundary Hydration Markers

Svelte performance oriented web framework. Prior to version 5.53.5, errors from transformError were not correctly escaped prior to being embedded in the HTML output, causing potential HTML injection and XSS if attacker-controlled content is returned from transformError. Version 5.53.5 fixes the...

5.3CVSS0.00226EPSS
Exploits0References3
Rows per page
Query Builder