Lucene search
K

242 matches found

CNNVD
CNNVD
added 2026/03/27 12:0 a.m.9 views

Shenzhen Ruiming Streamax Crocus 安全漏洞

Shenzhen Ruiming Streamax Crocus is a vehicle monitoring device developed by Shenzhen Ruiming. Versions of Shenzhen Ruiming Streamax Crocus prior to 1.3.44 contained a security vulnerability. This vulnerability stemmed from improper handling of the State parameter in the file/RemoteFormat.do, whi...

7.5CVSS7.2AI score0.00259EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.6 views

n8n 安全漏洞

n8n is an open-source, scalable workflow automation tool developed by n8n. Versions of n8n prior to 2.8.0 contained security vulnerabilities. These vulnerabilities stemmed from the OAuth callback handler skipping the verification of state parameter ownership, which could lead to the theft of OAut...

6.3CVSS5.8AI score0.0018EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.4 views

PT-2026-28081

Name of the Vulnerable Software and Affected Versions n8n versions prior to 2.8.0 Description n8n is a workflow automation platform. When the N8N SKIP AUTH ON OAUTH CALLBACK environment variable is set to true, the OAuth callback handler does not verify the ownership of the OAuth state parameter...

6.3CVSS5.9AI score0.0018EPSS
Exploits0References7
NVD
NVD
added 2026/03/20 2:16 p.m.5 views

CVE-2026-31381

An attacker can extract user email addresses PII exposed in base64 encoding via the state parameter in the OAuth callback URL...

5.3CVSS0.00303EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/20 1:2 p.m.3 views

CVE-2026-31381 Gainsight Assist plugin information disclosure

An attacker can extract user email addresses PII exposed in base64 encoding via the state parameter in the OAuth callback URL...

5.3CVSS5.8AI score0.00303EPSS
Exploits0References2
CVE
CVE
added 2026/03/20 1:2 p.m.6 views

CVE-2026-31381

CVE-2026-31381 and related entries describe a Gainsight Assist plugin information-disclosure vulnerability. The core issue is that user email addresses (PII) are exposed in base64-encoded form via the OAuth callback URL’s state parameter. This can allow an attacker to recover emails if the OAuth ...

5.3CVSS5.8AI score0.00303EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/20 1:2 p.m.4 views

CVE-2026-31381

An attacker can extract user email addresses PII exposed in base64 encoding via the state parameter in the OAuth callback URL...

6.1CVSS5.8AI score0.00303EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/03/20 1:2 p.m.23 views

CVE-2026-31381 Gainsight Assist plugin information disclosure

An attacker can extract user email addresses PII exposed in base64 encoding via the state parameter in the OAuth callback URL...

5.3CVSS0.00303EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/20 12:0 a.m.4 views

PT-2026-26609

Name of the Vulnerable Software and Affected Versions versions prior to 2026-31381 Description An attacker can extract user email addresses PII exposed in base64 encoding via the state parameter in the OAuth callback URL. The vulnerability involves the exposure of Personally Identifiable...

6.1CVSS6AI score0.00303EPSS
Exploits1References8
CNNVD
CNNVD
added 2026/03/20 12:0 a.m.11 views

Gainsight Assist 安全漏洞

Gainsight Assist is a customer communication template management tool developed by Gainsight Inc. There is a security vulnerability in Gainsight Assist, which stems from the state parameter in the OAuth callback URL exposing the base64-encoded user email address, potentially leading to personal...

6.1CVSS6AI score0.00303EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/02/19 12:0 a.m.8 views

Busy 输入验证错误漏洞

Busy is a social networking system developed by Busy Open Source. Versions of Busy 2.5.5 and earlier contained a vulnerability related to input validation errors. This vulnerability stemmed from incorrect handling of the state parameter in the file source-code/busy-master/src/server/app.js, which...

5.1CVSS5.8AI score0.00258EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/02/08 1:3 p.m.12 views

CVE-2026-0555

The Premmerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'premmercewizardactions' AJAX endpoint in all versions up to, and including, 1.3.20. This is due to missing capability checks and insufficient input sanitization and output escaping on the state parameter. Thi...

6.4CVSS5.6AI score0.00244EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/07 8:26 a.m.24 views

CVE-2026-0555 Premmerce <= 1.3.20 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'premmerce_wizard_actions' AJAX Endpoint

The Premmerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'premmercewizardactions' AJAX endpoint in all versions up to, and including, 1.3.20. This is due to missing capability checks and insufficient input sanitization and output escaping on the state parameter. Thi...

6.4CVSS0.00244EPSS
Exploits0References6
CVE
CVE
added 2026/02/07 8:26 a.m.15 views

CVE-2026-0555

The Premmerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the premmerce_wizard_actions AJAX endpoint in all versions up to and including 1.3.20. The root cause is missing capability checks and insufficient input sanitization and output escaping on the state parameter, en...

6.4CVSS5.6AI score0.00244EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/02/07 12:0 a.m.8 views

WordPress plugin Premmerce 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.4CVSS5.8AI score0.00244EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/02/03 9:19 p.m.6 views

CVE-2025-69207

Khoj is a self-hostable artificial intelligence app. Prior to 2.0.0-beta.23, an IDOR in the Notion OAuth callback allows an attacker to hijack any user's Notion integration by manipulating the state parameter. The callback endpoint accepts any user UUID without verifying the OAuth flow was...

7.1CVSS5.6AI score0.00361EPSS
Exploits1References1
NVD
NVD
added 2026/02/02 11:16 p.m.7 views

CVE-2026-25221

PolarLearn is a free and open-source learning program. In 0-PRERELEASE-15 and earlier, the OAuth 2.0 implementation for GitHub and Google login providers is vulnerable to Login Cross-Site Request Forgery CSRF. The application fails to implement and verify the state parameter during the...

8.1CVSS0.00203EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/02/02 10:59 p.m.27 views

CVE-2026-25221 PolarLearn has Multiple Login CSRFs via Missing OAuth state Parameter (GitHub & Google)

PolarLearn is a free and open-source learning program. In 0-PRERELEASE-15 and earlier, the OAuth 2.0 implementation for GitHub and Google login providers is vulnerable to Login Cross-Site Request Forgery CSRF. The application fails to implement and verify the state parameter during the...

2.3CVSS0.00203EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/02/02 9:16 p.m.27 views

CVE-2025-69207 Khoj has an IDOR in Notion OAuth Flow Enables Index Poisoning

Khoj is a self-hostable artificial intelligence app. Prior to 2.0.0-beta.23, an IDOR in the Notion OAuth callback allows an attacker to hijack any user's Notion integration by manipulating the state parameter. The callback endpoint accepts any user UUID without verifying the OAuth flow was...

5.4CVSS0.00361EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/02/02 9:16 p.m.3 views

CVE-2025-69207 Khoj has an IDOR in Notion OAuth Flow Enables Index Poisoning

Khoj is a self-hostable artificial intelligence app. Prior to 2.0.0-beta.23, an IDOR in the Notion OAuth callback allows an attacker to hijack any user's Notion integration by manipulating the state parameter. The callback endpoint accepts any user UUID without verifying the OAuth flow was...

5.4CVSS5.6AI score0.00361EPSS
Exploits1References3
Rows per page
Query Builder