5 matches found
PT-2026-22381
Name of the Vulnerable Software and Affected Versions Seerr versions prior to 3.1.0 Description Seerr, an open-source media request and discovery manager for Jellyfin, Plex, and Emby, contains a flaw where authenticated users can access and modify data belonging to other users. This is due to the...
CVE-2025-8617
CVE-2025-8617 affects the WordPress plugin YITH WooCommerce Quick View (WordPress) up to version 2.7.0. It enables a Stored Cross-Site Scripting (XSS) via the shortcode yith_quick_view due to insufficient input sanitization and output escaping. Exploitable by authenticated attackers with contribu...
com.alipay.sofa.koupleless:arklet-springboot-starter (>=1.0.0 <=1.4.2), com.alipay.sofa.koupleless:koupleless-base-starter (>=1.0.0 <=1.4.2) +84 more potentially affected by CVE-2024-38807 via org.springframework.boot:spring-boot-loader (>=2.7.0 <=2.7.2)
org.springframework.boot:spring-boot-loader MAVEN version =2.7.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =0.5.1, =0.5.1, =2.2.4, =2.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.1 and more Source cves: CVE-2024-38807 Source advisory:...
com.addplus9:addplus_action_dubbo (>=0.0.1 <=1.0.0), com.alibaba.csp:sentinel-apache-dubbo-adapter (>=1.5.1 <=1.7.0) +28 more potentially affected by CVE-2021-30179 via org.apache.dubbo:dubbo (>=2.7.0 <=2.7.1)
org.apache.dubbo:dubbo MAVEN version =2.7.0, =0.0.1, =1.5.1, =2.0.1, =0.1.3, =2.4.0, =2.4.0, =2.4.0, =1.0.0, =1.0, =1.2.4, =2.7.0, =1.3.1, =1.3.1, =1.4.4 and more Source cves: CVE-2021-30179 Source advisory: OSV:GHSA-5MC7-M686-P6JG...
Combodo iTop Cross-Site Scripting Vulnerability
Combodo iTop is a French company Combodo ITIL-based development and for the daily operation of the IT environment of open source Web applications. The tool provides incident management, configuration management and problem management. A cross-site scripting vulnerability exists in shortcut names ...