Lucene search
K

5 matches found

CVE
CVE
added 2026/05/08 9:13 p.m.17 views

CVE-2026-42192

Plunk: Stored XSS in campaign view. Affected: Plunk open-source email platform (AWS SES-based). Vulnerable component: campaign management, where email body content created by authenticated project members is stored and later rendered in the admin dashboard via dangerouslySetInnerHTML without HTML...

5.4CVSS5.6AI score0.00176EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/19 12:0 a.m.7 views

PT-2026-26375

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Versions 1.8.208 and below are vulnerable to Stored Cross-Site Scripting XSS through FreeScout's email notification templates. Incoming email bodies are stored in the database without sanitization and rendered...

9.3CVSS5.9AI score0.00527EPSS
Exploits1References9
RedhatCVE
RedhatCVE
added 2025/05/23 4:36 a.m.8 views

CVE-2023-41316

Tolgee is an open-source localization platform. Due to lack of validation field - Org Name, bad actor can send emails with HTML injected code to the victims. Registered users can inject HTML into unsanitized emails from the Tolgee instance to other users. This unsanitized HTML ends up in invitati...

5.5CVSS7AI score0.00416EPSS
Exploits1
Prion
Prion
added 2023/09/07 8:15 p.m.22 views

Design/Logic Flaw

Tolgee is an open-source localization platform. Due to lack of validation field - Org Name, bad actor can send emails with HTML injected code to the victims. Registered users can inject HTML into unsanitized emails from the Tolgee instance to other users. This unsanitized HTML ends up in invitati...

4.9CVSS5.7AI score0.00416EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/09/07 7:39 p.m.9 views

CVE-2023-41316 HTML Injection with email in Tolgee

Tolgee is an open-source localization platform. Due to lack of validation field - Org Name, bad actor can send emails with HTML injected code to the victims. Registered users can inject HTML into unsanitized emails from the Tolgee instance to other users. This unsanitized HTML ends up in invitati...

5.5CVSS7AI score0.00416EPSS
Exploits1References2
Rows per page
Query Builder