Lucene search
K

4 matches found

NVD
NVD
added 2025/10/08 1:15 p.m.8 views

CVE-2025-60298

Novel-Plus up to 5.2.4 was discovered to contain a Stored Cross-Site Scripting XSS vulnerability via the /author/updateIndexName endpoint. This vulnerability allows authenticated attackers to inject malicious JavaScript code through the indexName parameter, which gets stored in the database and...

5.4CVSS0.00246EPSS
Exploits1References3
OSV
OSV
added 2025/10/08 12:0 a.m.6 views

CVE-2025-60298

Novel-Plus up to 5.2.4 was discovered to contain a Stored Cross-Site Scripting XSS vulnerability via the /author/updateIndexName endpoint. This vulnerability allows authenticated attackers to inject malicious JavaScript code through the indexName parameter, which gets stored in the database and...

5.4CVSS5.7AI score0.00246EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/08 12:0 a.m.5 views

EUVD-2025-33176

Novel-Plus up to 5.2.4 was discovered to contain a Stored Cross-Site Scripting XSS vulnerability via the /author/updateIndexName endpoint. This vulnerability allows authenticated attackers to inject malicious JavaScript code through the indexName parameter, which gets stored in the database and...

5.4CVSS5.2AI score0.00246EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/10/08 12:0 a.m.9 views

CVE-2025-60298

Novel-Plus up to 5.2.4 was discovered to contain a Stored Cross-Site Scripting XSS vulnerability via the /author/updateIndexName endpoint. This vulnerability allows authenticated attackers to inject malicious JavaScript code through the indexName parameter, which gets stored in the database and...

0.00246EPSS
Exploits1References2
Rows per page
Query Builder