2 matches found
CVE-2026-4984
CVE-2026-4984 affects Botpress’s Twilio integration webhook handler. The vulnerability arises because the webhook accepts POST requests without validating Twilio’s X-Twilio-Signature, and when processing media messages it fetches user-controlled URLs (MediaUrlN) via HTTP requests that include the...
ASUSTOR SoundsGood Application Cross-Site Scripting Vulnerability
SUSTOR SoundsGood is a web-based audio/video playback application from ASUSTOR for use on ASUSTOR NAS storage systems. A cross-site scripting vulnerability exists in the playlistmanger.cgi file in the ASUSTOR SoundsGood application. A remote attacker can exploit the vulnerability by injecting...