BIT-SUPERSET-2026-23983 Apache Superset: Sensitive Data Exposure via REST API (disabled by default)

A Sensitive Data Exposure vulnerability exists in Apache Superset allowing authenticated users to retrieve sensitive user information. The Tag endpoint disabled by default allows users to retrieve a list of objects associated with a specific tag. When these associated objects include Users, the A...

CVE-2026-23983

A Sensitive Data Exposure vulnerability exists in Apache Superset allowing authenticated users to retrieve sensitive user information. The Tag endpoint disabled by default allows users to retrieve a list of objects associated with a specific tag. When these associated objects include Users, the A...

GHSA-H294-8FXM-M2PJ Apache Superset allows authenticated users to view sensitive data without explicit permissions

A Sensitive Data Exposure vulnerability exists in Apache Superset allowing authenticated users to retrieve sensitive user information. The Tag endpoint disabled by default allows users to retrieve a list of objects associated with a specific tag. When these associated objects include Users, the A...

CVE-2026-23983

A Sensitive Data Exposure vulnerability exists in Apache Superset allowing authenticated users to retrieve sensitive user information. The Tag endpoint disabled by default allows users to retrieve a list of objects associated with a specific tag. When these associated objects include Users, the A...

ClipBucket V5 安全漏洞

ClipBucket V5 is a video hosting platform for MacWarrior individual developers. A security vulnerability exists in ClipBucket V5 versions prior to 5.5.2, which stems from an authorization bypass in the AJAX tagging system that could lead to a large-scale tagging attack...

EUVD-2023-0142

Malicious code in bioql PyPI...

GNU Global 安全漏洞

GNU Global is a free code tagging system for the US GNU community. A code execution vulnerability exists in GNU Global that stems from the use of shell metacharacters, no details of the vulnerability are provided at this time...

GHSA-5M6V-2XGF-QHRW Mayan EDMS DMS XSS vulnerability

An XSS vulnerability was discovered in the Mayan EDMS DMS. Successful XSS exploitation was observed in the in-product tagging system...

CVE-2022-47419

An XSS vulnerability was discovered in the Mayan EDMS DMS. Successful XSS exploitation was observed in the in-product tagging system...

CVE-2022-47419

An XSS vulnerability was discovered in the Mayan EDMS DMS. Successful XSS exploitation was observed in the in-product tagging system...

Cross site scripting

An XSS vulnerability was discovered in the Mayan EDMS DMS. Successful XSS exploitation was observed in the in-product tagging system...

PYSEC-2023-276

An XSS vulnerability was discovered in the Mayan EDMS DMS. Successful XSS exploitation was observed in the in-product tagging system...

CVE-2022-47419 Mayan EDMS Tag XSS

An XSS vulnerability was discovered in the Mayan EDMS DMS. Successful XSS exploitation was observed in the in-product tagging system...

CVE-2022-47419

CVE-2022-47419 affects Mayan EDMS DMS with a reflected XSS in the in-product tagging system. The CVSS 3.1 base score is 5.4 (MEDIUM) with network attack vector, low attack complexity, require low privileges and user interaction. Exploitation observed per GHSA-5M6V-2XGF-QHRW and OSV details; no au...

CVE-2022-47419 Mayan EDMS Tag XSS

An XSS vulnerability was discovered in the Mayan EDMS DMS. Successful XSS exploitation was observed in the in-product tagging system...

IBM WebSphere Portal Tagging Reflected XSS (PM96047)

The version of WebSphere Portal on the remote host is affected by a reflected cross-site scripting vulnerability in the tagging system. An attacker can craft a request that executes arbitrary script code in a user's browser. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...