5 matches found
SUSE CVE-2026-23926
An authenticated non-super administrator can create a maintenance period with a JavaScript payload that is executed by any user that opens tooltip for that maintenance period in the Host navigator widget. This can allow the attacker to perform unauthorized actions depending on which user opens th...
CVE-2026-23926
An authenticated non-super administrator can create a maintenance period with a JavaScript payload that is executed by any user that opens tooltip for that maintenance period in the Host navigator widget. This can allow the attacker to perform unauthorized actions depending on which user opens th...
CVE-2026-23926 Stored XSS vulnerability in Host navigator widget maintenance tooltip
An authenticated non-super administrator can create a maintenance period with a JavaScript payload that is executed by any user that opens tooltip for that maintenance period in the Host navigator widget. This can allow the attacker to perform unauthorized actions depending on which user opens th...
PT-2026-37344
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An authenticated administrator without super-user privileges can inject a JavaScript payload when creating a maintenance period. This payload is executed when an...
EUVD-2024-26212
Malicious code in bioql PyPI...