CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

RedhatCVE•added 2026/01/13 10:53 p.m.•2 views

CVE-2025-40976

Stored Cross-Site Scripting XSS vulnerability in WorkDo's TicketGo, consisting of a lack of proper validation of user input by sending a POST request to ‘/ticketgo-saas/home’, using the ‘description’ parameter...

5.1CVSS5.4AI score0.0009EPSS

Exploits0References1

NVD•added 2026/01/12 12:16 p.m.•2 views

CVE-2025-40976

5.1CVSS0.0009EPSS

Exploits0References1

Vulnrichment•added 2026/01/12 11:27 a.m.•3 views

CVE-2025-40976 Multiple vulnerabilities in WorkDo products

5.1CVSS5AI score0.0009EPSS

Exploits0References1

CVE•added 2026/01/12 11:27 a.m.•5 views

CVE-2025-40976

The CVE-2025-40976 entry concerns WorkDo’s TicketGo SaaS with a stored XSS flaw arising from insufficient input validation on the description field when a POST is sent to /ticketgo-saas/home. Affected component: TicketGo (WorkDo). Root cause: lack of proper validation of user-supplied data in the...

5.1CVSS5AI score0.0009EPSS

Exploits0References1

Cvelist•added 2026/01/12 11:27 a.m.•18 views

CVE-2025-40976 Multiple vulnerabilities in WorkDo products

5.1CVSS0.0009EPSS

Exploits0References1

Positive Technologies•added 2026/01/12 12:0 a.m.•3 views

PT-2026-1799

Name of the Vulnerable Software and Affected Versions WorkDo's TicketGo affected versions not specified Description A stored Cross-Site Scripting XSS issue exists due to insufficient validation of user-supplied data. The issue involves sending a POST request to the ''/ticketgo-saas/home'' API...

5.1CVSS5.8AI score0.0009EPSS

Exploits0References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by