Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/02/26 4:15 a.m.5 views

CVE-2026-27744

The SPIP tickets plugin versions prior to 4.3.3 contain an unauthenticated remote code execution vulnerability in the forum preview handling for public ticket pages. The plugin appends untrusted request parameters into HTML that is later rendered by a template using unfiltered environment renderi...

9.8CVSS6.4AI score0.00908EPSS
Exploits0References1
EUVD
EUVD
added 2026/02/25 6:31 a.m.6 views

EUVD-2026-8608

The SPIP tickets plugin versions prior to 4.3.3 contain an unauthenticated remote code execution vulnerability in the forum preview handling for public ticket pages. The plugin appends untrusted request parameters into HTML that is later rendered by a template using unfiltered environment renderi...

9.8CVSS6.4AI score0.00908EPSS
Exploits0References5
OSV
OSV
added 2026/02/25 4:16 a.m.2 views

CVE-2026-27744

The SPIP tickets plugin versions prior to 4.3.3 contain an unauthenticated remote code execution vulnerability in the forum preview handling for public ticket pages. The plugin appends untrusted request parameters into HTML that is later rendered by a template using unfiltered environment renderi...

9.8CVSS6.4AI score0.00908EPSS
Exploits0References5
NVD
NVD
added 2026/02/25 4:16 a.m.6 views

CVE-2026-27744

The SPIP tickets plugin versions prior to 4.3.3 contain an unauthenticated remote code execution vulnerability in the forum preview handling for public ticket pages. The plugin appends untrusted request parameters into HTML that is later rendered by a template using unfiltered environment renderi...

9.8CVSS0.00908EPSS
Exploits0References5
CVE
CVE
added 2026/02/25 3:8 a.m.22 views

CVE-2026-27744

The CVE-2026-27744 entry concerns the SPIP tickets plugin (versions prior to 4.3.3) with an unauthenticated remote code execution in the forum preview handling for public ticket pages. The vulnerability arises from appending untrusted request parameters into HTML that is later rendered by a templ...

9.8CVSS6.4AI score0.00908EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/25 3:8 a.m.4 views

CVE-2026-27744 SPIP tickets < 4.3.3 Unauthenticated RCE

The SPIP tickets plugin versions prior to 4.3.3 contain an unauthenticated remote code execution vulnerability in the forum preview handling for public ticket pages. The plugin appends untrusted request parameters into HTML that is later rendered by a template using unfiltered environment renderi...

9.8CVSS6.6AI score0.00908EPSS
Exploits0References5
Rows per page
Query Builder