16 matches found
GHSA-4C3J-3H7V-22Q9 changedetection.io: Stored XSS in Watch update via API
Summary A Stored Cross Site Scripting is present in the changedetection.io Watch update API due to insufficient security checks. Details Tested on changedetection.io version v0.50.24 console REPOSITORY TAG IMAGE ID CREATED SIZE ghcr.io/dgtlmoon/changedetection.io latest 0367276509a0 23 hours ago...
EUVD-2025-50820
changedetection.io: Stored XSS in Watch update via API
Summary A Stored Cross Site Scripting is present in the changedetection.io Watch update API due to insufficient security checks. Details Tested on changedetection.io version v0.50.24 console REPOSITORY TAG IMAGE ID CREATED SIZE ghcr.io/dgtlmoon/changedetection.io latest 0367276509a0 23 hours ago...
CVE-2025-62780
changedetection.io is a free open source web page change detection tool. A Stored Cross Site Scripting is present in changedetection.io Watch update API in versions prior to 0.50.34 due to insufficient security checks. Two scenarios are possible. In the first, an attacker can insert a new watch...
CVE-2025-62780
changedetection.io is a free open source web page change detection tool. A Stored Cross Site Scripting is present in changedetection.io Watch update API in versions prior to 0.50.34 due to insufficient security checks. Two scenarios are possible. In the first, an attacker can insert a new watch...
PYSEC-2025-91
changedetection.io is a free open source web page change detection tool. A Stored Cross Site Scripting is present in changedetection.io Watch update API in versions prior to 0.50.34 due to insufficient security checks. Two scenarios are possible. In the first, an attacker can insert a new watch...
CVE-2025-62780 changedetection.io vulnerable to stored XSS in Watch update via API
changedetection.io is a free open source web page change detection tool. A Stored Cross Site Scripting is present in changedetection.io Watch update API in versions prior to 0.50.34 due to insufficient security checks. Two scenarios are possible. In the first, an attacker can insert a new watch...
CVE-2025-62780 changedetection.io vulnerable to stored XSS in Watch update via API
changedetection.io is a free open source web page change detection tool. A Stored Cross Site Scripting is present in changedetection.io Watch update API in versions prior to 0.50.34 due to insufficient security checks. Two scenarios are possible. In the first, an attacker can insert a new watch...
CVE-2025-62780 changedetection.io vulnerable to stored XSS in Watch update via API
changedetection.io is a free open source web page change detection tool. A Stored Cross Site Scripting is present in changedetection.io Watch update API in versions prior to 0.50.34 due to insufficient security checks. Two scenarios are possible. In the first, an attacker can insert a new watch...
CVE-2025-62780
CVE-2025-62780 is a stored XSS in changedetection.io’s Watch update API present in versions prior to 0.50.34. Exploitation involves injecting an unsafe URL as a Watch (either when creating a new watch or updating an existing one); when a user previews, the injected JavaScript payload can execute....
PT-2025-46200
Name of the Vulnerable Software and Affected Versions changedetection.io versions prior to 0.50.34 Description A Stored Cross Site Scripting issue exists in changedetection.io’s Watch update API due to inadequate security checks. An attacker can insert a new watch with a URL pointing to a web pag...
Apple patches 50 security flaws—update now
Apple has released security updates for iPhones, iPads, Macs, Apple Watches, Apple TVs, Safari, and Xcode, fixing nearly 50 security flaws. Some of these bugs could let cybercriminals see your private data, take control of parts of your device, or break key security protections. Installing these...
Update your Apple devices to fix dozens of vulnerabilities
Apple has released security updates for iPhones, iPads, Apple Watches, Apple TVs, and Macs as well as for Safari, and Xcode to fix dozens of vulnerabilities which could give cybercriminals access to sensitive data. How to update your devices How to update your iPhone or iPad For iOS and iPadOS...
PT-2025-5329 · Apple · Macos Sonoma +7
Name of the Vulnerable Software and Affected Versions: iPadOS versions prior to 17.7.4 macOS Ventura versions prior to 13.7.3 macOS Sonoma versions prior to 14.7.3 visionOS versions prior to 2.3 iOS versions prior to 18.3 iPadOS versions prior to 18.3 macOS Sequoia versions prior to 15.3 watchOS...
PT-2024-30990 · Apple · Ipados +4
Name of the Vulnerable Software and Affected Versions: Safari versions prior to 18 iOS versions prior to 17.7.1 iPadOS versions prior to 17.7.1 macOS versions prior to Sequoia 15 watchOS versions prior to 11 Description: A custom URL scheme handling issue was addressed with improved input...
PT-2022-15571 · Apple · Ios +2
Name of the Vulnerable Software and Affected Versions: watchOS versions prior to 8.5 iOS versions prior to 15.4 iPadOS versions prior to 15.4 Description: A user may be able to bypass the Emergency SOS passcode prompt due to inadequate checks. This issue was addressed with improved checks...