CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/04/22 6:31 p.m.•3 views

GHSA-VMJ7-7XMM-4349 Silverpeas Core has a reflected cross-site scripting vulnerability

A reflected cross-site scripting XSS vulnerability in the AdvancedSearch functionality of Silverpeas Core allows attackers to execute arbitrary JavaScript in the context of a user's browser via crafted input...

EUVD•added 2026/04/22 6:31 p.m.•1 views

Exploits1References5

EUVD-2026-24960

Github Security Blog•added 2026/04/22 6:31 p.m.•9 views

Silverpeas Core has a reflected cross-site scripting vulnerability

6.1CVSS5.3AI score0.00034EPSS

Exploits1References5Affected Software2

NVD•added 2026/04/22 4:16 p.m.•2 views

CVE-2026-30139

6.1CVSS0.00034EPSS

CNNVD•added 2026/04/22 12:0 a.m.•5 views

Silverpeas Core 跨站脚本漏洞

Silverpeas Core is an open-source project developed by Silverpeas, used for building and running collaborative and social web portals. Versions of Silverpeas Core prior to 6.4.6 contained a cross-site scripting vulnerability. This vulnerability stemmed from the AdvancedSearch feature having...

CVE•added 2026/04/22 12:0 a.m.•6 views

CVE-2026-30139

Silverpeas Core prior to 6.4.6 is affected by a reflected XSS in the AdvancedSearch functionality. Crafted input can execute arbitrary JavaScript in the context of a user’s browser. The description identifies the vulnerable component and version, but does not provide remediation steps or affected...

Positive Technologies•added 2026/04/22 12:0 a.m.•3 views

PT-2026-34456

ATTACKERKB•added 2026/04/22 12:0 a.m.•0 views

CVE-2026-30139

Vulnrichment•added 2026/04/22 12:0 a.m.•0 views

CVE-2026-30139

5.9AI score0.00034EPSS

Cvelist•added 2026/04/22 12:0 a.m.•29 views

CVE-2026-30139

0.00034EPSS

GithubExploit•added 2026/01/27 2:45 a.m.•46 views

CVEs-huyle

CVE-2026-30139: Silverpeas Core Reflected XSS in AdvancedSearc...

EUVD•added 2025/10/03 8:7 p.m.•2 views

Exploits1

EUVD-2025-26451

Malicious code in bioql PyPI...

6.5CVSS6.3AI score0.00036EPSS

Exploits3References4

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2025-0142

Malicious code in bioql PyPI...

5.4CVSS6.4AI score0.00224EPSS

Exploits1References4

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-1560

Malicious code in bioql PyPI...

5.4CVSS6.4AI score0.00107EPSS

RedhatCVE•added 2025/05/23 7:13 a.m.•7 views

CVE-2024-39031

In Silverpeas Core = 6.3.5, in Mes Agendas, a user can create new events and add them to their calendar. Additionally, users can invite others from the same domain, including administrators, to these events. A standard user can inject an XSS payload into the "Titre" and "Description" fields when...

5.4CVSS6AI score0.06742EPSS

Exploits2References1

RedhatCVE•added 2025/05/23 7:8 a.m.•5 views

CVE-2024-56923

Stored Cross-Site Scripting XSS Vulnerability in the Categorization Option of My Subscriptions Functionality in Silverpeas Core 6.3.1 = 6.4.1 allows a remote attacker to execute arbitrary JavaScript code. This is achieved by injecting a malicious payload into the Name field of a subscription. The...

5.4CVSS5.9AI score0.00224EPSS

RedhatCVE•added 2025/05/23 4:31 a.m.•7 views

CVE-2023-47324

Silverpeas Core 6.3.1 is vulnerable to Cross Site Scripting XSS via the message/notification feature...

5.4CVSS6AI score0.00278EPSS

Exploits1

RedhatCVE•added 2025/05/23 4:8 a.m.•6 views

CVE-2023-47327

The "Create a Space" feature in Silverpeas Core 6.3.1 is reserved for use by administrators. This function suffers from broken access control, allowing any authenticated user to create a space by navigating to the correct URL...

4.3CVSS6.6AI score0.00089EPSS

Exploits1

RedhatCVE•added 2025/05/23 4:8 a.m.•7 views

CVE-2023-47323

The notification/messaging feature of Silverpeas Core 6.3.1 does not enforce access control on the ID parameter. This allows an attacker to read all messages sent between other users; including those sent only to administrators...

7.5CVSS6.7AI score0.00806EPSS