CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4 matches found

OSV•added 2026/05/08 6:32 a.m.•3 views

GHSA-2887-F3V6-6RJF Alkacon OpenCms is vulnerable to XSS via updateModelGroups.jsp

A Cross Site Scripting vulnerability in Alkacon OpenCms before 16 exists via updateModelGroups.jsp...

6.1CVSS5.8AI score0.00074EPSS

Exploits0References3

Github Security Blog•added 2026/05/08 6:32 a.m.•5 views

Alkacon OpenCms is vulnerable to XSS via updateModelGroups.jsp

A Cross Site Scripting vulnerability in Alkacon OpenCms before 16 exists via updateModelGroups.jsp...

6.1CVSS5.8AI score0.00074EPSS

Exploits0References3Affected Software1

Cvelist•added 2026/05/08 12:0 a.m.•24 views

CVE-2023-42345

A Cross Site Scripting vulnerability in Alkacon OpenCms before 16 exists via updateModelGroups.jsp...

0.00074EPSS

Exploits0References1

CVE•added 2026/04/20 12:0 a.m.•2 views

CVE-2026-30269

CVE-2026-30269 affects Doorman (v0.1.0 and v1.0.2). The issue is improper access control where an authenticated user can update their own account role to a non-admin privileged role via /platform/user/{username}. The update model accepts the role field without a manage_users permission check for ...

9.9CVSS5.8AI score0.00049EPSS

Exploits1References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by