CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

OSV•added 2026/04/07 1:16 p.m.•2 views

UBUNTU-CVE-2026-3466

Insufficient sanitization of dashboard dashlet title links in Checkmk 2.2.0 EOL, Checkmk 2.3.0 before 2.3.0p46, Checkmk 2.4.0 before 2.4.0p25, and Checkmk 2.5.0 beta before 2.5.0 allows an attacker with dashboard creation privileges to perform stored cross-site scripting XSS attacks by tricking a...

8.5CVSS5.7AI score0.00035EPSS

Exploits0References4

RedhatCVE•added 2025/05/22 5:25 p.m.•3 views

CVE-2020-11454

Microstrategy Web 10.4 is vulnerable to Stored XSS in the HTML Container and Insert Text features in the window, allowing for the creation of a new dashboard. In order to exploit this vulnerability, a user needs to get access to a shared dashboard or have the ability to create a dashboard on the...

5.4CVSS5.1AI score0.00504EPSS

Exploits3References1

CVE•added 2024/05/05 12:0 a.m.•51 views

CVE-2024-34519

CVE-2024-34519 affects Avantra Server 24.x (pre-24.0.7 and pre-24.1.1 for 24.1.x). The issue stems from mishandling of dashboard security, allowing data disclosure if a user can create a dashboard with an auto-login user. Access control can be bypassed when a shared dashboard uses an auto-login u...

6.8CVSS6.8AI score0.00026EPSS

Exploits0References2

OSV•added 2021/08/30 7:15 p.m.•1 views

CVE-2021-22021

VMware vRealize Log Insight 8.x prior to 8.4 contains a Cross Site Scripting XSS vulnerability due to improper user input validation. An attacker with user privileges may be able to inject a malicious payload via the Log Insight UI which would be executed when the victim accesses the shared...

5.4CVSS5.8AI score0.00242EPSS

Exploits0References1