Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/05/29 8:13 p.m.14 views

CVE-2026-45323

MeshCore Card provides MeshCore Lovelace card for Home Assistant. Prior to 0.3.3, Meshcore node names are rendered without HTML escaping in meshcore-card, allowing any node within direct or indirect repeated radio range to execute arbitrary javascript in the Home Assistant frontend of anyone...

9.6CVSS6.1AI score0.00317EPSS
Exploits1References1
NVD
NVD
added 2026/05/28 6:16 p.m.14 views

CVE-2026-45323

MeshCore Card provides MeshCore Lovelace card for Home Assistant. Prior to 0.3.3, Meshcore node names are rendered without HTML escaping in meshcore-card, allowing any node within direct or indirect repeated radio range to execute arbitrary javascript in the Home Assistant frontend of anyone...

9.6CVSS0.00317EPSS
Exploits1References1
CVE
CVE
added 2026/05/28 4:54 p.m.109 views

CVE-2026-45323

Summary: CVE-2026-45323 affects MeshCore Card for Home Assistant. Before version 0.3.3, node names in the meshcore-card were rendered without HTML escaping, enabling an attacker within direct or indirect (repeated) radio range to inject arbitrary JavaScript in the Home Assistant frontend of any v...

9.6CVSS6.1AI score0.00317EPSS
Exploits1References1Affected Software1
RedHat Linux
RedHat Linux
added 2020/08/18 5:4 a.m.3 views

jenkins-2-plugins/matrix-project: Stored XSS vulnerability in multiple axis builds tooltips

A flaw was found in the Matrix Project Plugin version 1.16 and prior. Node names shown in tooltips are not escaped on the overview page of builds with multiple axes which could lead to a stored cross-site scripting XSS vulnerability. The user must have the Agent/Configure permission for this...

5.4CVSS6.9AI score0.01041EPSS
Exploits0References4
Rows per page
Query Builder