Lucene search
K

91065 matches found

CVE
CVE
added 1 hour ago8 views

CVE-2026-54011 Open WebUI: Stored XSS in Mermaid Markdown Preview

Open WebUI vulnerability CVE-2026-54011 is a stored XSS in Mermaid Markdown Preview. Affected versions include main and 0.8.12; the Mermaid rendering uses securityLevel: 'loose' and injects SVG via innerHTML in the file preview path, enabling JavaScript execution in the app origin. The issue is c...

8.7CVSS6AI score0.00037EPSS
Exploits0References1
Cvelist
Cvelist
added 1 hour ago3 views

CVE-2026-54011 Open WebUI: Stored XSS in Mermaid Markdown Preview

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6,Open WebUI renders Mermaid blocks from Markdown files in the file preview panel and inserts the generated SVG into the DOM using innerHTML. Because Mermaid is configured with...

8.7CVSS0.00037EPSS
Exploits0References1
CVE
CVE
added 2 hours ago13 views

CVE-2026-54013 Open WebUI: Stored XSS to Account Takeover via Model Profile Images in Open WebUI

CVE-2026-54013 describes a stored XSS in Open WebUI where the model profile image URL could be a data:image/svg+xml;base64 payload. The root cause is missing input validation on ModelMeta.profile_image_url and missing output protections in the model image endpoint (no MIME allowlist, no nosniff, ...

7.6CVSS5.8AI score0.00057EPSS
Exploits0References1
Cvelist
Cvelist
added 2 hours ago2 views

CVE-2026-44956

Low‑privileged users could use their Full Name as a vector for a stored XSS attack. The name is included in system‑generated emails, whose content is stored in the details field of the userlog table. An admin user viewing the email content through userlog-details.php would have any malicious...

Exploits1References1
CVE
CVE
added 2 hours ago12 views

CVE-2026-44956

Revive Adserver (Revive Adserver) is affected by a stored XSS vector where an attacker’s Full Name, injected into system-generated emails stored in the userlog.details field, can execute JavaScript when an admin views the content via userlog-details.php. Root cause: missing output sanitisation in...

5.8AI score
Exploits1References1
EUVD
EUVD
added 2 hours ago2 views

EUVD-2026-38504

The XML‑RPC API addUser method has a validation bypass introduced in the fix for CVE‑2025‑55129. As a result, API users could create usernames that enabled impersonation or stored XSS attacks. Proper validation has been added where it was missing...

5.4CVSS5.9AI score0.00157EPSS
Exploits2References1
EUVD
EUVD
added 2 hours ago2 views

EUVD-2026-38503

A stored XSS can be exploited by leveraging the usernames as an attack vector. When an admin user viewed the audit log details for affected entries, any malicious JavaScript payload embedded in the username would be executed due to missing output sanitisation. Proper escaping has been added to th...

5.7AI score
Exploits0References1
CVE
CVE
added 3 hours ago9 views

CVE-2026-54302

CVE-2026-54302 — n8n: Stored XSS in Chat Trigger Node . An authenticated user with workflow edit access could inject JavaScript into the Chat Trigger page by setting a malicious webhookId. When a logged-in user visited the chat URL, the code executed in the n8n origin under that user’s session. A...

7CVSS6AI score0.00038EPSS
Exploits0References1
Cvelist
Cvelist
added 3 hours ago2 views

CVE-2026-54302 n8n: Stored XSS in Chat Trigger Node

n8n is an open source workflow automation platform. Prior to 1.123.55, 2.25.7, and 2.26.2, an authenticated user with workflow edit access could inject arbitrary JavaScript into the Chat Trigger's generated page by setting a malicious webhookId. When a logged-in user visited the chat URL, the...

7CVSS0.00038EPSS
Exploits0References1
NVD
NVD
added 5 hours ago8 views

CVE-2026-56263

Crawl4AI before 0.8.7 contains a stored cross-site scripting vulnerability in the monitor dashboard that renders crawl URLs and error messages via innerHTML without escaping. An attacker can submit a crafted crawl request with malicious markup that executes in an operator's browser when viewing t...

6.1CVSS
Exploits0References3
EUVD
EUVD
added 6 hours ago8 views

EUVD-2026-38447

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'pmauthormessage' parameter in the pmsendmessagetoauthor function in all versions up to, and including, 5.9.9.2 due to insufficient input sanitization and output...

6.4CVSS6AI score
Exploits0References6
NVD
NVD
added 6 hours ago8 views

CVE-2026-4983

Open VSX Registry does not sanitize SVG files uploaded as extension icons prior to storage, and serves them with Content-Type: image/svg+xml without security headers such as Content-Security-Policy or Content-Disposition: attachment. This allows an attacker to publish an extension with a maliciou...

4.1CVSS
Exploits0References1
EUVD
EUVD
added 7 hours ago6 views

EUVD-2026-38424

Open VSX Registry does not sanitize SVG files uploaded as extension icons prior to storage, and serves them with Content-Type: image/svg+xml without security headers such as Content-Security-Policy or Content-Disposition: attachment. This allows an attacker to publish an extension with a maliciou...

4.1CVSS5.9AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 10 hours ago4 views

CVE-2026-44169

A flaw was found in MariaDB server. A user who has been granted EXECUTE access to a stored routine through a role can view the definition of that routine. This information disclosure occurs even if the user does not possess the SHOW CREATE ROUTINE privilege, potentially exposing sensitive routine...

4.3CVSS5.7AI score0.00269EPSS
Exploits0References5
Nuclei
Nuclei
added 13 hours ago32 views

WBCE CMS v1.5.4 - Cross Site Scripting (Stored)

A cross-site scripting XSS vulnerability in /admin/settings/save.php of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Website Footer field. id: CVE-2022-45038 info: name: WBCE CMS v1.5.4 - Cross Site Scripting Stored author:...

5.4CVSS6.2AI score0.01024EPSS
Exploits1References3
Nuclei
Nuclei
added 13 hours ago18 views

Site Reviews < 7.2.5 - Unauthenticated Stored XSS

Site Reviews WordPress plugin before 7.2.5 contains a stored cross-site scripting caused by improper sanitization and escaping of review fields, letting unauthenticated users execute malicious scripts, exploit requires no authentication. id: CVE-2025-1232 info: name: Site Reviews 7.2.5 -...

8.8CVSS7.2AI score0.01856EPSS
Exploits1References3
Nuclei
Nuclei
added 13 hours ago12 views

Popup4Phone <= 1.3.2 - Unauthenticated Stored Cross-Site Scripting

Popup4Phone WordPress plugin through 1.3.2 contains a reflected cross-site scripting caused by unsanitized parameters, letting unauthenticated users execute scripts in admin browsers, exploit requires sending crafted requests. id: CVE-2024-3231 info: name: Popup4Phone = 1.3.2 - Unauthenticated...

6.1CVSS5.7AI score0.00684EPSS
Exploits2References2
Nuclei
Nuclei
added 13 hours ago6 views

VvvebJs <= 2.0.5 - Cross-Site Scripting

Givanz Vvvebjs = 2.0.5 contains a stored XSS caused by manipulation of the "uploadAllowExtensions" argument in upload.php File Upload Endpoint, letting remote attackers execute scripts, exploit requires crafted input. id: CVE-2026-5615 info: name: VvvebJs = 2.0.5 - Cross-Site Scripting author:...

5.3CVSS5.8AI score0.00773EPSS
Exploits1References2
Nuclei
Nuclei
added 13 hours ago6 views

Payara Server - Cross-Site Scripting

Payara Server versions 4.1.2.191.54, 5.83.0, 6.34.0, and 7.2026.1 contain a stored XSS vulnerability caused by improper input sanitization in the REST Management Interface. This allows attackers to mislead administrators into changing the admin password via a URL payload; however, the exploit...

9.3CVSS5.8AI score0.01002EPSS
Exploits1References3
Nuclei
Nuclei
added 13 hours ago12 views

WordPress OneTone theme <= 3.0.6 – Unauthenticated Stored XSS

includes/theme-functions.php in the OneTone theme through 3.0.6 for WordPress has multiple stored XSS issues. id: CVE-2019-17231 info: name: WordPress OneTone theme = 3.0.6 – Unauthenticated Stored XSS author: daffainfo severity: medium description: | includes/theme-functions.php in the OneTone...

6.1CVSS6.3AI score0.01216EPSS
Exploits1References3
Rows per page
Query Builder