2 matches found
CVE-2026-28358
NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, the password forgot endpoint returned different responses for registered and unregistered emails, allowing user enumeration. This issue has been patched in version 0.301.3...
CVE-2025-51989
CVE-2025-51989 : HTML injection vulnerability in Evolution Consulting Kft. HRmaster module v235’s registration interface allows injecting HTML tags into the keresztnév (firstname) field, which can be included in emails and potentially enable phishing against unregistered addresses. Affected compo...