Lucene search
K

4 matches found

NVD
NVD
added 2025/10/08 1:15 p.m.8 views

CVE-2025-60298

Novel-Plus up to 5.2.4 was discovered to contain a Stored Cross-Site Scripting XSS vulnerability via the /author/updateIndexName endpoint. This vulnerability allows authenticated attackers to inject malicious JavaScript code through the indexName parameter, which gets stored in the database and...

5.4CVSS0.00246EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/10/08 12:0 a.m.9 views

CVE-2025-60298

Novel-Plus up to 5.2.4 was discovered to contain a Stored Cross-Site Scripting XSS vulnerability via the /author/updateIndexName endpoint. This vulnerability allows authenticated attackers to inject malicious JavaScript code through the indexName parameter, which gets stored in the database and...

0.00246EPSS
Exploits1References2
OSV
OSV
added 2025/10/08 12:0 a.m.6 views

CVE-2025-60298

Novel-Plus up to 5.2.4 was discovered to contain a Stored Cross-Site Scripting XSS vulnerability via the /author/updateIndexName endpoint. This vulnerability allows authenticated attackers to inject malicious JavaScript code through the indexName parameter, which gets stored in the database and...

5.4CVSS5.7AI score0.00246EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/08 12:0 a.m.5 views

EUVD-2025-33176

Novel-Plus up to 5.2.4 was discovered to contain a Stored Cross-Site Scripting XSS vulnerability via the /author/updateIndexName endpoint. This vulnerability allows authenticated attackers to inject malicious JavaScript code through the indexName parameter, which gets stored in the database and...

5.4CVSS5.2AI score0.00246EPSS
Exploits1References4
Rows per page
Query Builder