Lucene search
K

20 matches found

OSV
OSV
added 2 days ago4 views

CVE-2026-56241 Capgo - RBAC Demotion Privilege Retention via Stale org_users.user_right

Capgo before 12.128.2 contains a privilege escalation vulnerability where demoted superadmin users retain access to deletenoncompliantbundles and countnoncompliantbundles RPCs due to stale orgusers.userright column not being cleared during role binding deletion. Attackers can exploit this by...

7.2CVSS6.1AI score0.00211EPSS
Exploits0References4
EUVD
EUVD
added 2 days ago7 views

EUVD-2026-43224

Capgo before 12.128.2 contains a privilege escalation vulnerability where demoted superadmin users retain access to deletenoncompliantbundles and countnoncompliantbundles RPCs due to stale orgusers.userright column not being cleared during role binding deletion. Attackers can exploit this by...

8.3CVSS6.1AI score0.00211EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago33 views

CVE-2026-56241 Capgo - RBAC Demotion Privilege Retention via Stale org_users.user_right

Capgo before 12.128.2 contains a privilege escalation vulnerability where demoted superadmin users retain access to deletenoncompliantbundles and countnoncompliantbundles RPCs due to stale orgusers.userright column not being cleared during role binding deletion. Attackers can exploit this by...

8.3CVSS0.00211EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/06/14 7:21 p.m.8 views

CVE-2025-49579

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. All system messages in menu headings using the Menu.mustache template are inserted as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group h...

6.5CVSS6.2AI score0.00345EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2025/06/13 2:9 p.m.13 views

starcitizentools/citizen-skin allows stored XSS in user registration date message

Summary Various date messages returned by Language::userDate are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. Details The result of $this-lang-userDate $timestamp, $this-user returns unescaped values, but is inserted as raw HTML by...

6.5CVSS6.4AI score0.0035EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2025/06/13 2:8 p.m.4 views

GHSA-G3CP-PQ72-HJPV starcitizentools/citizen-skin allows stored XSS in menu heading message

Summary All system messages in menu headings using the Menu.mustache template are inserted as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. Details The system messages for menu headings are inserted unescaped into raw HTML:...

6.5CVSS7AI score0.00345EPSS
Exploits1References5
NVD
NVD
added 2025/06/12 7:15 p.m.10 views

CVE-2025-49579

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. All system messages in menu headings using the Menu.mustache template are inserted as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group h...

6.5CVSS0.00345EPSS
Exploits1References3
NVD
NVD
added 2025/06/12 7:15 p.m.9 views

CVE-2025-49575

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Multiple system messages are inserted into the CommandPaletteFooter as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has the...

6.5CVSS0.0035EPSS
Exploits1References3
CVE
CVE
added 2025/06/12 6:45 p.m.50 views

CVE-2025-49575

The CVE-2025-49575 issue affects the Citizen skin for MediaWiki. The underlying problem is that multiple system messages are inserted into the CommandPaletteFooter as raw HTML, enabling stored HTML injection by users who can edit those messages. This could allow arbitrary HTML execution in the af...

6.5CVSS6.9AI score0.0035EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2025/06/12 6:45 p.m.16 views

CVE-2025-49575 Citizen allows stored XSS in Command Palette tip messages

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Multiple system messages are inserted into the CommandPaletteFooter as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has the...

6.5CVSS0.0035EPSS
Exploits1References3
OSV
OSV
added 2025/06/12 6:45 p.m.5 views

CVE-2025-49575 Citizen allows stored XSS in Command Palette tip messages

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Multiple system messages are inserted into the CommandPaletteFooter as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has the...

6.5CVSS6.5AI score0.0035EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/06/12 12:0 a.m.8 views

PT-2025-25347 · Citizen · Citizen

Name of the Vulnerable Software and Affected Versions: Citizen versions prior to 3.3.1 Description: The issue affects the Citizen MediaWiki skin, which integrates extensions into a cohesive experience. It allows users with the editinterface right to insert arbitrary HTML into the DOM by editing...

6.5CVSS6.3AI score0.0035EPSS
Exploits1References11
Positive Technologies
Positive Technologies
added 2025/06/12 12:0 a.m.25 views

PT-2025-25348 · Mediawiki +1 · Mediawiki +1

Name of the Vulnerable Software and Affected Versions: Citizen versions prior to 3.3.1 Description: The issue affects the Citizen MediaWiki skin, where system messages in menu headings using the Menu.mustache template are inserted as raw HTML. This allows users with the editinterface right to...

6.5CVSS6.3AI score0.00345EPSS
Exploits1References11
OSV
OSV
added 2024/03/06 11:2 a.m.22 views

BIT-PRESTASHOP-2023-43663 Improper Privilege Management in Prestashop

PrestaShop is an Open Source e-commerce web application. In affected versions any module can be disabled or uninstalled from back office, even with low user right. This allows low privileged users to disable portions of a shops functionality. Commit ce1f6708 addresses this issue and is included i...

6.3CVSS5.2AI score0.00345EPSS
Exploits0References3
Prion
Prion
added 2023/09/28 7:15 p.m.22 views

Design/Logic Flaw

PrestaShop is an Open Source e-commerce web application. In affected versions any module can be disabled or uninstalled from back office, even with low user right. This allows low privileged users to disable portions of a shops functionality. Commit ce1f6708 addresses this issue and is included i...

4CVSS4.5AI score0.00345EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/09/28 6:13 p.m.16 views

CVE-2023-43663 Improper Privilege Management in Prestashop

PrestaShop is an Open Source e-commerce web application. In affected versions any module can be disabled or uninstalled from back office, even with low user right. This allows low privileged users to disable portions of a shops functionality. Commit ce1f6708 addresses this issue and is included i...

6.3CVSS5AI score0.00345EPSS
Exploits0References4
NVD
NVD
added 2022/02/09 9:15 p.m.61 views

CVE-2022-23615

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions any user with SCRIPT right can save a document with the right of the current user which allow accessing API requiring programming right if the current user has programming...

5.5CVSS0.00684EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2018/04/30 12:0 a.m.13 views

Microsoft Windows 10: Create symbolic links

This user right determines if users can create a symbolic link from the device they are logged on to. A symbolic link is a file-system object that points to another file-system object. The object that is pointed to is called the target. Symbolic links are transparent to users. The links appear as...

7.1AI score
Exploits0
OpenVAS
OpenVAS
added 2018/04/30 12:0 a.m.96 views

Microsoft Windows 10: Create permanent shared objects

This user right determines which accounts can be used by processes to create a directory object by using the object manager. Directory objects include Active Directory objects, files and folders, printers, registry keys, processes, and threads. Users who have this capability can create permanent...

7.2AI score
Exploits0
OpenVAS
OpenVAS
added 2018/04/30 12:0 a.m.10 views

Microsoft Windows 10: Shut down the system

This security setting determines if a user who is logged on locally to a device can shut down Windows. Shutting down domain controllers makes them unavailable to perform functions such as processing logon requests, processing Group Policy settings, and answering Lightweight Directory Access...

7.4AI score
Exploits0
Rows per page
Query Builder