Lucene search
K

6 matches found

CVE
CVE
added 6 days ago13 views

CVE-2026-55790

Summary of CVE-2026-55790 (Craft CMS) : This is a DOM-based cross-site scripting flaw in Craft CMS. Versions affected are 5.0.0-RC1–5.9.22 and 4.0.0-RC1–4.17.15. An attacker with only a GitHub account can insert a JavaScript payload into a craftcms/cms issue title. When a Craft admin uses the Cra...

7.4CVSS5.8AI score0.00311EPSS
Exploits0References2
Cvelist
Cvelist
added 6 days ago23 views

CVE-2026-55790 Craft CMS: DOM XSS via GitHub issue title in CraftSupport widget

Craft CMS is a content management system CMS. In versions 5.0.0-RC1 through 5.9.22 and 4.0.0-RC1 through 4.17.15, an attacker with only a GitHub account can plant a JavaScript payload in a craftcms/cms issue title. When a Craft admin uses the CraftSupport widget’s "Give feedback" screen and types...

7.4CVSS0.00311EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/03/29 11:33 p.m.10 views

CVE-2025-31092

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ninja Team Click to Chat – WP Support All-in-One Floating Widget support-chat allows Stored XSS.This issue affects Click to Chat – WP Support All-in-One Floating Widget: from n/a through = 2.3.4...

6.5CVSS7.2AI score0.00187EPSS
Exploits0References1
OSV
OSV
added 2024/10/17 8:15 p.m.6 views

CVE-2024-49281

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in NinjaTeam Click to Chat – WP Support All-in-One Floating Widget allows Stored XSS.This issue affects Click to Chat – WP Support All-in-One Floating Widget: from n/a through 2.3.3...

5.4CVSS5.8AI score0.00509EPSS
Exploits0References1
exploitpack
exploitpack
added 2019/01/14 12:0 a.m.23 views

Live Call Support Widget 1.5 - Cross-Site Request Forgery (Add Admin)

Live Call Support Widget 1.5 - Cross-Site Request Forgery Add Admin Exploit Title: Live Call Support 1.5 - Cross-Site Request Forgery Add Admin Dork: N/A Date: 2019-01-13 Exploit Author: Ihsan Sencan Vendor Homepage: http://ranksol.com/ Software Link:...

0.2AI score
Exploits0
Hacker One
Hacker One
added 2018/03/21 4:31 p.m.36 views

Mail.ru: IDOR widget.support.my.com

На lootdog.io можно обратиться в службу поддержки. Когда мы создали тикет и хотим его подгрузить, то выполняется запрос...

7.1AI score
Exploits0
Rows per page
Query Builder