Lucene search
K

34 matches found

EUVD
EUVD
added 2026/06/15 9:30 p.m.8 views

EUVD-2026-36750

Ruoyi 4.8.2 is vulnerable to Cross Site Scripting XSS at the interface /system/notice/add...

5.1AI score0.00181EPSS
Exploits0References2
NVD
NVD
added 2026/06/15 8:16 p.m.8 views

CVE-2026-37216

Ruoyi 4.8.2 is vulnerable to Cross Site Scripting XSS at the interface /system/notice/add...

6.1CVSS0.00181EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 12:0 a.m.14 views

CVE-2026-37216

CVE-2026-37216 affects Ruoyi 4.8.2 with a Cross Site Scripting (XSS) flaw at the interface /system/notice/add. Reported metrics indicate CVSS 3.1 (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) base score 6.1 (Medium) and a potential impact on confidentiality and integrity (Low) with user interaction requi...

6.1CVSS5.2AI score0.00181EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.20 views

PT-2026-49290

Name of the Vulnerable Software and Affected Versions Ruoyi version 4.8.2 Description Cross Site Scripting XSS occurs at the '/system/notice/add' endpoint. XSS is a type of security flaw that allows an attacker to inject malicious scripts into web pages viewed by other users. Recommendations At t...

6.1CVSS5.8AI score0.00181EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/15 12:0 a.m.29 views

CVE-2026-37216

Ruoyi 4.8.2 is vulnerable to Cross Site Scripting XSS at the interface /system/notice/add...

0.00181EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 2:59 a.m.10 views

CVE-2026-36725

A markdown based cross-site scripting XSS vulnerability in the /system/notice/create endpoint of FastapiAdmin v2.2.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the noticecontent parameter...

6.1CVSS5.6AI score0.00181EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 7:17 p.m.17 views

CVE-2026-36725

A markdown based cross-site scripting XSS vulnerability in the /system/notice/create endpoint of FastapiAdmin v2.2.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the noticecontent parameter...

6.1CVSS0.00181EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/09 12:0 a.m.8 views

CVE-2026-36725

A markdown based cross-site scripting XSS vulnerability in the /system/notice/create endpoint of FastapiAdmin v2.2.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the noticecontent parameter...

5.6AI score0.00181EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

FastApiAdmin 跨站脚本漏洞

FastApiAdmin is a full-stack rapid development platform based on FastAPI, developed by fastapiadmin. Version 2.2.0 of FastApiAdmin contains a cross-site scripting vulnerability. This vulnerability stems from the /system/notice/create endpoint, which has a cross-site scripting vulnerability relate...

6.1CVSS5.4AI score0.00181EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/04 8:21 p.m.9 views

CVE-2026-7677

A vulnerability was determined in kerwincui FastBee up to 1.2.1. The impacted element is the function Add of the file springboot/fastbee-admin/src/main/java/com/fastbee/web/controller/system/SysNoticeController.java of the component System Notice Handler. This manipulation of the argument...

5.1CVSS4.3AI score0.00195EPSS
Exploits0References1
NVD
NVD
added 2026/05/03 5:15 a.m.26 views

CVE-2026-7677

A vulnerability was determined in kerwincui FastBee up to 1.2.1. The impacted element is the function Add of the file springboot/fastbee-admin/src/main/java/com/fastbee/web/controller/system/SysNoticeController.java of the component System Notice Handler. This manipulation of the argument...

5.1CVSS0.00195EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/03 3:15 a.m.6 views

CVE-2026-7677 kerwincui FastBee System Notice SysNoticeController.java add cross site scripting

A vulnerability was determined in kerwincui FastBee up to 1.2.1. The impacted element is the function Add of the file springboot/fastbee-admin/src/main/java/com/fastbee/web/controller/system/SysNoticeController.java of the component System Notice Handler. This manipulation of the argument...

5.1CVSS4.3AI score0.00195EPSS
Exploits0References4
CVE
CVE
added 2026/05/03 3:15 a.m.23 views

CVE-2026-7677

CVE-2026-7677 affects kerwincui FastBee (up to version 1.2.1). The vulnerable component is the Add function in springboot/fastbee-admin/src/main/java/com/fastbee/web/controller/system/SysNoticeController.java (System Notice Handler). The root cause is improper handling/manipulation of the argumen...

5.1CVSS4.3AI score0.00195EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/03 3:15 a.m.7 views

CVE-2026-7677

A vulnerability was determined in kerwincui FastBee up to 1.2.1. The impacted element is the function Add of the file springboot/fastbee-admin/src/main/java/com/fastbee/web/controller/system/SysNoticeController.java of the component System Notice Handler. This manipulation of the argument...

5.1CVSS4.3AI score0.00195EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/05/03 3:15 a.m.76 views

CVE-2026-7677 kerwincui FastBee System Notice SysNoticeController.java add cross site scripting

A vulnerability was determined in kerwincui FastBee up to 1.2.1. The impacted element is the function Add of the file springboot/fastbee-admin/src/main/java/com/fastbee/web/controller/system/SysNoticeController.java of the component System Notice Handler. This manipulation of the argument...

5.1CVSS0.00195EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/03 12:0 a.m.10 views

PT-2026-36678

A vulnerability was determined in kerwincui FastBee up to 1.2.1. The impacted element is the function Add of the file springboot/fastbee-admin/src/main/java/com/fastbee/web/controller/system/SysNoticeController.java of the component System Notice Handler. This manipulation of the argument...

5.1CVSS4.3AI score0.00195EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/03 12:0 a.m.11 views

FastBee 跨站脚本漏洞

FastBee is an open-source IoT platform developed by FastBee in China. Versions of FastBee 1.2.1 and earlier contained a cross-site scripting vulnerability. This vulnerability originated from the function Add in the parameter handling of noticeContent within the System Notice Handler component,...

5.1CVSS5.6AI score0.00195EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/01 2:8 a.m.10 views

CVE-2025-15372

A weakness has been identified in youlaitech vue3-element-admin up to 3.4.0. This issue affects some unknown processing of the file src/views/system/notice/index.vue of the component Notice Handler. This manipulation causes cross site scripting. It is possible to initiate the attack remotely. The...

4.8CVSS5.5AI score0.00235EPSS
Exploits1References1
NVD
NVD
added 2025/12/31 3:15 a.m.2 views

CVE-2025-15372

A weakness has been identified in youlaitech vue3-element-admin up to 3.4.0. This issue affects some unknown processing of the file src/views/system/notice/index.vue of the component Notice Handler. This manipulation causes cross site scripting. It is possible to initiate the attack remotely. The...

4.8CVSS0.00235EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.14 views

EUVD-2025-24145

Malicious code in bioql PyPI...

5.4CVSS4.8AI score0.00303EPSS
Exploits1References5
Rows per page
Query Builder