Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:23 p.m.9 views

CVE-2026-35443

NamelessMC is website software for Minecraft servers. In version 2.2.4, modules/Forum/classes/ForumPostReactionContext.php only verifies that the caller can view the forum, but it does not re-enforce topic-level viewothertopics authorization. As a result, in forums where users may enter the forum...

5.3CVSS5.4AI score0.00235EPSS
Exploits0References1
NVD
NVD
added 2026/06/02 5:16 p.m.19 views

CVE-2026-35443

NamelessMC is website software for Minecraft servers. In version 2.2.4, modules/Forum/classes/ForumPostReactionContext.php only verifies that the caller can view the forum, but it does not re-enforce topic-level viewothertopics authorization. As a result, in forums where users may enter the forum...

5.3CVSS0.00235EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/02 3:50 p.m.11 views

CVE-2026-35443

NamelessMC is website software for Minecraft servers. In version 2.2.4, modules/Forum/classes/ForumPostReactionContext.php only verifies that the caller can view the forum, but it does not re-enforce topic-level viewothertopics authorization. As a result, in forums where users may enter the forum...

5.3CVSS5.8AI score0.00235EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/02 3:50 p.m.11 views

EUVD-2026-33975

NamelessMC is website software for Minecraft servers. In version 2.2.4, modules/Forum/classes/ForumPostReactionContext.php only verifies that the caller can view the forum, but it does not re-enforce topic-level viewothertopics authorization. As a result, in forums where users may enter the forum...

5.3CVSS5.8AI score0.00235EPSS
Exploits0References1
OSV
OSV
added 2026/04/07 8:43 a.m.4 views

BIT-DISCOURSE-2026-32607 Discourse: Stored XSS via unescaped assignee name

Discourse is an open-source discussion platform. From versions 2026.1.0 to before 2026.1.3, and 2026.2.0 to before 2026.2.2, when the hidden prioritizefullnameinux site setting is enabled defaults to false, requires console access to change, user and group display names are rendered without HTML...

5.4CVSS5.7AI score0.00167EPSS
Exploits0References3
Rows per page
Query Builder