Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/05/05 8:21 p.m.10 views

CVE-2026-42052

Beets is the media library management system. Prior to version 2.10.0, the bundled web UI uses Underscore template interpolation mode for untrusted metadata fields. In this runtime, is raw insertion and HTML escaping is only performed by . Rendered output is then inserted with .html..., allowing...

6CVSS5.7AI score0.003EPSS
Exploits0References1
OSV
OSV
added 2026/05/04 5:6 p.m.1 views

CVE-2026-42052 beets is Vulnerable to XSS

Beets is the media library management system. Prior to version 2.10.0, the bundled web UI uses Underscore template interpolation mode for untrusted metadata fields. In this runtime, is raw insertion and HTML escaping is only performed by . Rendered output is then inserted with .html..., allowing...

6CVSS5.9AI score0.003EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/04 5:6 p.m.10 views

EUVD-2026-27055

Beets is the media library management system. Prior to version 2.10.0, the bundled web UI uses Underscore template interpolation mode for untrusted metadata fields. In this runtime, is raw insertion and HTML escaping is only performed by . Rendered output is then inserted with .html..., allowing...

6CVSS5.7AI score0.003EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/29 12:0 a.m.7 views

PT-2026-36877

Name of the Vulnerable Software and Affected Versions Beets versions prior to 2.10.0 Description The bundled web UI uses Underscore template interpolation mode for untrusted metadata fields. In this runtime, performs raw insertion, whereas HTML escaping is only handled by . The rendered output is...

6CVSS5.8AI score0.003EPSS
Exploits0References16
Rows per page
Query Builder