
7 matches found

EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2024-2324

Malicious code in bioql PyPI...

CVSS 5.4 · AI score 6.3 · EPSS 0.0105
Exploits 0 · References 6
RedhatCVE
added 2025/05/23 8:38 a.m. · 1 views

CVE-2024-32981

Silverstripe framework is the PHP framework forming the base for the Silverstripe CMS. In affected versions a bad actor with access to edit content in the CMS could send a specifically crafted encoded payload to the server, which could be used to inject a JavaScript payload on the front end o...

CVSS 5.4 · AI score 6.7 · EPSS 0.0105
Exploits 0 · References 1
GitHub Security Blog
added 2025/04/10 1:39 p.m. · 7 views

Silverstripe Framework has an XSS vulnerability in HTML editor

Impact: A bad actor with access to edit content in the CMS could send a specifically crafted encoded payload to the server, which could be used to inject a JavaScript payload on the front end of the site. The payload would be sanitised on the client-side, but server-side sanitisation doesn't catch...

CVSS 5.4 · AI score 6.7 · EPSS 0.00224
Exploits 0 · References 7 · Affected Software 1
OSV
added 2025/04/10 1:39 p.m. · 4 views

GHSA-RHX4-HVX9-J387 Silverstripe Framework has an XSS vulnerability in HTML editor

Impact: A bad actor with access to edit content in the CMS could send a specifically crafted encoded payload to the server, which could be used to inject a JavaScript payload on the front end of the site. The payload would be sanitised on the client-side, but server-side sanitisation doesn't catch...

CVSS 5.4 · AI score 5.4 · EPSS 0.00224
Exploits 0 · References 7
Cvelist
added 2024/07/17 7:36 p.m. · 15 views

CVE-2024-32981 Cross-site Scripting vulnerability with encoded payload in silverstripe/framework

Silverstripe framework is the PHP framework forming the base for the Silverstripe CMS. In affected versions a bad actor with access to edit content in the CMS could send a specifically crafted encoded payload to the server, which could be used to inject a JavaScript payload on the front end o...

CVSS 5.4 · EPSS 0.0105
Exploits 0 · References 3
Positive Technologies
added 2024/07/17 12:0 a.m. · 1 views

PT-2024-25029 · Silverstripe · Silverstripe/Framework

Name of the Vulnerable Software and Affected Versions: Silverstripe framework versions prior to 5.2.16. Description: A bad actor with access to edit content in the CMS could send a specifically crafted encoded payload to the server, which could be used to inject a JavaScript payload on the front e...

CVSS 5.4 · AI score 6.8 · EPSS 0.0105
Exploits 0 · References 9
Prion
added 2022/04/18 6:15 p.m. · 9 views

Cross site scripting

The WP Downgrade WordPress plugin before 1.2.3 only performs client-side validation of its "WordPress Target Version" setting, but does not sanitise and escape it server-side, allowing high-privilege users such as admin to perform Cross-Site attacks even when the unfiltered_html capability is...

CVSS 3.5 · AI score 4.9 · EPSS 0.00462
Exploits 4 · References 2 · Affected Software 1