7 matches found

RedhatCVE
added 2025/03/28 6:22 p.m. · 9 views

CVE-2025-27406

Icinga Reporting is the central component for reporting-related functionality in the monitoring web frontend and framework Icinga Web 2. A vulnerability present in versions 0.10.0 through 1.0.2 makes it possible to set up a template that embeds arbitrary JavaScript. This enables the attacker to act...

CVSS 7.6 · AI score 7.2 · EPSS 0.00073
Exploits 0 · References 1
OSV
added 2025/03/26 4:15 p.m. · 1 views

DEBIAN-CVE-2025-27406

Icinga Reporting is the central component for reporting-related functionality in the monitoring web frontend and framework Icinga Web 2. A vulnerability present in versions 0.10.0 through 1.0.2 makes it possible to set up a template that embeds arbitrary JavaScript. This enables the attacker to act...

CVSS 7.6 · AI score 5.6 · EPSS 0.00073
Exploits 0 · References 1
CVE
added 2025/03/26 3:49 p.m. · 63 views

CVE-2025-27406

Technical details (affected products, versions, root cause, exploit vectors) are not provided in the connected documents. Monitor for updates.

CVSS 7.6 · AI score 7.1 · EPSS 0.00073
Exploits 0 · References 2
Vulnrichment
added 2025/03/26 3:49 p.m. · 6 views

CVE-2025-27406 Icinga Reporting Stored XSS leads to SSRF

Icinga Reporting is the central component for reporting-related functionality in the monitoring web frontend and framework Icinga Web 2. A vulnerability present in versions 0.10.0 through 1.0.2 makes it possible to set up a template that embeds arbitrary JavaScript. This enables the attacker to act...

CVSS 7.6 · AI score 7.1 · EPSS 0.00073
Exploits 0 · References 2
Cvelist
added 2025/03/26 3:49 p.m. · 10 views

CVE-2025-27406 Icinga Reporting Stored XSS leads to SSRF

Icinga Reporting is the central component for reporting-related functionality in the monitoring web frontend and framework Icinga Web 2. A vulnerability present in versions 0.10.0 through 1.0.2 makes it possible to set up a template that embeds arbitrary JavaScript. This enables the attacker to act...

CVSS 7.6 · EPSS 0.00073
Exploits 0 · References 2
Positive Technologies
added 2023/04/18 12:0 a.m. · 3 views

PT-2023-18592

Name of the Vulnerable Software and Affected Versions: Strapi versions 4.5.5 and earlier. Description: Strapi allows authenticated Server-Side Template Injection (SSTI) that can be exploited to execute arbitrary code on the server. A remote attacker with access to the Strapi admin panel can inject a...

CVSS 10 · AI score 7.6 · EPSS 0.91021
Exploits 2 · References 17
Positive Technologies
added 2023/03/27 12:0 a.m. · 3 views

PT-2023-21841 · Unknown · Fluid Components

Name of the Vulnerable Software and Affected Versions: fluid components extension versions prior to 3.5.0. Description: The issue allows Cross-Site Scripting (XSS) via a component argument parameter, specifically in certain content use cases that may be edge cases. All versions of the Fluid Componen...

CVSS 6.1 · AI score 6 · EPSS 0.00622
Exploits 1 · References 8