Lucene search
K

205 matches found

NVD
NVD
added 6 hours ago6 views

CVE-2026-54893

URL path injection in the Microsoft Graph adapter of Swoosh. Swoosh.Adapters.MsGraph builds its Microsoft Graph API request URL by interpolating the sender's email address into the URL path /users/from/sendMail without percent-encoding or validation. In applications that derive the from address...

2.1CVSS
Exploits0References4
CVE
CVE
added 7 hours ago10 views

CVE-2026-54893

Swoosh.Adapters.MsGraph is vulnerable to URL path injection via the from-address interpolation into /users/{from}/sendMail without percent-encoding or validation. If from derives from untrusted input, an attacker can inject URL-special characters (/, ?, #) to escape the intended path and rewrite ...

2.1CVSS6AI score
Exploits0References4
EUVD
EUVD
added 11 hours ago6 views

EUVD-2025-210428

The software accepts user-supplied input via a URL parameter without adequate output encoding before reflecting it back to the user's browser. This condition allows an attacker to inject malicious script content into pages served by the application. By leveraging this weakness, an attacker can...

6.1CVSS6AI score
Exploits0References1
OSV
OSV
added 2026/06/26 8:59 p.m.3 views

GHSA-WPHV-VFRH-23Q5 joserfc: b64=false RFC7797 JWS payloads bypass JWSRegistry payload-size limits during deserialization

RFC7797 b64=false JWS payloads bypass JWSRegistry payload-size limits during deserialization Summary Testing revealed that joserfc accepts oversized RFC7797 b64=false JWS payloads without applying JWSRegistry.maxpayloadlength. The normal JWS compact and flattened JSON paths reject payloads above...

5.3CVSS5.7AI score0.00163EPSS
Exploits0References4
CVE
CVE
added 2026/06/26 1:11 a.m.14 views

CVE-2026-50745

CVE-2026-50745 concerns Revive Adserver’s stats-video.php where user input is reflected due to missing sanitisation and unencoded URL parameters, arising from improper handling of the Smarty url helper. The HackerOne report confirms a reflected XSS vector in this script. No exploitation status or...

6.1CVSS5.8AI score0.00224EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.6 views

PT-2026-52576

Name of the Vulnerable Software and Affected Versions Bitwarden Server versions prior to 2026.5.0 Description An issue exists in the IntegrationTemplateProcessor.ReplaceTokens function where user-controlled values are substituted into event-integration templates without proper JSON encoding. An...

5CVSS5.9AI score0.00262EPSS
Exploits1References9
CVE
CVE
added 2026/06/23 10:9 p.m.12 views

CVE-2026-56785

FlatPress is affected by a stored cross-site scripting (XSS) vulnerability in comment and contact forms. Versions prior to commit 10be83c (FlatPress) render the name, URL, and email fields without proper output encoding in Smarty templates, allowing an attacker to inject arbitrary HTML/JavaScript...

8.4CVSS5.9AI score0.00243EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.15 views

PT-2026-50813

Name of the Vulnerable Software and Affected Versions pgAdmin 4 versions 6.6 through 9.15 Description HTML injection is possible in the cloud deployment module. The application propagates exception text from AWS, Azure, and Google SDKs, as well as file-resolution and database-commit exceptions,...

4.8CVSS5.8AI score0.00137EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2026/06/17 9:8 p.m.8 views

CVE-2026-48990

joserfc is a Python library that provides an implementation of several JSON Object Signing and Encryption JOSE standards. In versions 1.3.4 through 1.6.5, joserfc accepts oversized RFC7797 b64=false JWS payloads without applying JWSRegistry.maxpayloadlength, which can lead to resource exhaustion...

5.3CVSS5.4AI score0.00163EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.18 views

PT-2026-50551

Name of the Vulnerable Software and Affected Versions joserfc versions 1.3.4 through 1.6.5 Description joserfc is a Python library implementing JSON Object Signing and Encryption JOSE standards. The library fails to apply the JWSRegistry.max payload length limit when processing RFC7797 b64=false...

5.3CVSS5.8AI score0.00163EPSS
Exploits0References9
EUVD
EUVD
added 2026/06/15 7:29 p.m.11 views

EUVD-2026-32919

PyJWT: Unauthenticated DoS via unbounded Base64URL decoding of unused payload segment in b64=false detached JWS...

5.3CVSS5.1AI score0.00288EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/06/12 12:51 p.m.8 views

CVE-2026-45669 Nuxt: Reflected XSS in `navigateTo()` external redirect

Nuxt is an open-source web development framework for Vue.js. From versions 3.4.3 to before 3.21.6 and 4.0.0-alpha.1 to before 4.4.6, navigateTo with external: true generates a server-side HTML redirect body containing a tag. The destination URL is only sanitized by replacing " with %22, leaving ,...

5.3CVSS5.4AI score0.00164EPSS
Exploits1References2
NVD
NVD
added 2026/06/10 10:17 p.m.9 views

CVE-2026-53741

Simple Link Directory through 9.0.4 interpolates the sldnoresultsfound option into a JavaScript string literal without encoding. Because sanitizetextfield leaves quotes intact, a stored payload breaks out of the string and runs script for every page visitor...

5.4CVSS0.00141EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/10 8:39 p.m.9 views

CVE-2026-53741 Simple Link Directory through 9.0.4 Stored XSS via sld_no_results_found Option

Simple Link Directory through 9.0.4 interpolates the sldnoresultsfound option into a JavaScript string literal without encoding. Because sanitizetextfield leaves quotes intact, a stored payload breaks out of the string and runs script for every page visitor...

5.4CVSS5.4AI score0.00141EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.15 views

PT-2026-48555

Simple Link Directory through 9.0.4 interpolates the sld no results found option into a JavaScript string literal without encoding. Because sanitize text field leaves quotes intact, a stored payload breaks out of the string and runs script for every page visitor...

5.4CVSS5.4AI score0.00141EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/09 11:46 p.m.42 views

CVE-2026-41003 Unencoded HTML Outputs in Spring Security May Allow Cross-Site Scripting

An attacker able to influence values in RelyingPartyRegistration may be able to run arbitrary code on HTML forms generated by Spring Security filters. Affected versions: Spring Security 5.7.0 through 5.7.23; 5.8.0 through 5.8.25; 6.3.0 through 6.3.16; 6.4.0 through 6.4.16; 6.5.0 through 6.5.10;...

7.6CVSS0.00204EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/09 11:46 p.m.7 views

CVE-2026-41003 Unencoded HTML Outputs in Spring Security May Allow Cross-Site Scripting

An attacker able to influence values in RelyingPartyRegistration may be able to run arbitrary code on HTML forms generated by Spring Security filters. Affected versions: Spring Security 5.7.0 through 5.7.23; 5.8.0 through 5.8.25; 6.3.0 through 6.3.16; 6.4.0 through 6.4.16; 6.5.0 through 6.5.10;...

7.6CVSS5.8AI score0.00204EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:23 p.m.12 views

CVE-2026-43938

YetAnotherForum.NET YAF.NET is a C ASP.NET forum. Prior to 4.0.5 and 3.2.12, the application's database logger YAFNET.Core/Logger/DbLogger.cs captures the incoming request's User-Agent header into a JObject, serializes it with JsonConvert, and stores the result in the EventLog.Description column...

8.1CVSS5.4AI score0.00282EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.9 views

Thai Palliative 安全漏洞

Thai Palliative is a modified version of the PHP framework developed by DAMASAC KKU. Versions of Thai Palliative 3.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the fact that the parameters idFormMain, id, and ptidkey were passed as raw user input in the...

6.1CVSS5.8AI score0.00199EPSS
Exploits1References2
Packet Storm
Packet Storm
added 2026/06/05 12:0 a.m.56 views

📄 Lyrion Music Server 9.2.0 metadata Persistent Cross Site Scripting

Lyrion Music Server version 9.2.0 stores media file metadata tags such as GENRE, ARTIST, and ALBUM exactly as written in the file and later renders them in its web interface without HTML-encoding, resulting in persistent cross site scripting. An attacker who gets a file with a malicious tag into...

7.2CVSS4.4AI score0.00197EPSS
Exploits2
Rows per page
Query Builder