CVE-2026-42329

Iris is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 contain a weakness where an attacker can misuse it to redirect the user to a malicious website controlled by an attacker. Version 2.4.28 fixes the issue...

CVE-2026-42540

IRIS is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 allow a user to alter values in the database via manipulated API requests. Version 2.4.28 contains a patch...

CVE-2026-42540

IRIS web collaborative platform suffers a Mass Assignment vulnerability (CVE-2026-42540). Versions prior to 2.4.28 allow an attacker to alter values in the database through manipulated API requests. A fix is available in version 2.4.28. The CVSS 3.1 score is 4.3 (Medium) with Network attack vecto...

CVE-2026-42539

IRIS is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 return sensitive data to the user which are not required for the client’s operation. Version 2.4.28 contains a patch...

Element 安全漏洞

Element is a Matrix web collaboration client from Element Open Source. A security vulnerability exists in Element that stems from a vulnerability that could lead to an access token disclosure under certain circumstances...

XWiki Platform information leakage vulnerability

XWiki Platform is a Wiki platform for creating Web collaboration applications from the French company XWiki. XWiki Platform 8.1 and later, versions prior to 13.10.8, 14.0 and later, 14.4.3 and later, 14.5 and later, and 14.6 and earlier are vulnerable to an information disclosure vulnerability th...

XWiki has unspecified vulnerabilities

Xwiki Platform is a set of wiki platforms for creating web collaboration applications from the French company Xwiki. security vulnerabilities exist in versions of XWiki prior to 13.10.6, 14.3.1 and 14.4-rc-1. X509 certificate with RSA, there is a risk of conflict with SHA1. No details of the...

XWiki Platform Access Control Error Vulnerability

Xwiki Platform is a Wiki platform used to create Web collaboration applications from the French company Xwiki. XWiki Platform has an access control error vulnerability that stems from the application not properly restricting access to resources from unauthorized roles, which could be exploited by...

Xwiki Platform path traversal vulnerability

Xwiki Platform is a set of French Xwiki company's Wiki platform for creating Web collaboration applications. XWiki Platform has a path traversal vulnerability, the vulnerability stems from the application fails to properly filter special elements in the resource or file path, an attacker can use...

Xwiki Platform licensing issue vulnerability (CNVD-2022-13405)

Xwiki Platform is a wiki platform for creating web collaboration applications from the French company Xwiki. XWiki Platform is vulnerable to an authorization issue, which stems from the fact that even if the wiki is closed to visitors, it is possible to guess whether a user has an account on the...

Xwiki Platform Cross-Site Scripting Vulnerability (CNVD-2022-13409)

Xwiki Platform is a wiki platform for creating web collaboration applications from the French company Xwiki. Xwiki Platform is vulnerable to cross-site scripting, which can be exploited to upload SVGs containing scripts executed when performing download operations on files when using the default...

XWiki Platform Cross-Site Scripting Vulnerability

Xwiki Platform is a wiki platform for creating web collaboration applications from the French company Xwiki. XWiki Platform has a cross-site scripting vulnerability that can be exploited by attackers to persistently inject scripts...

XWiki Platform SQL Injection Vulnerability

Xwiki Platform is a Wiki platform for creating Web collaboration applications from the French company Xwiki. XWiki Platform is vulnerable to SQL injection, which can be exploited by attackers to inject SQL statements for execution...

DSA-1639-1 twiki - command execution

Bulletin has no description...

JVN#95014590 Zimbra Collaboration Suite script execution vulnerability

Zimbra Collaboration Suite is a web collaboration tool that provides calendar, address book, webmail, and other functions. Zimbra Collaboration Suite 4.0.3 and 4.5.6 contain a vulnerability that could allow a remote attacker to execute an arbitrary script on the user's web browser. Impact If a us...

TWiki Search.pm shell command injection

Added: 04/06/2006 CVE: CVE-2004-1037 BID: 11674 OSVDB: 11714 Background TWiki is a web-based collaboration platform written in PERL. Problem The Search.pm module does not sufficiently check search strings for illegal characters, allowing remote attackers to execute commands using search strings...

egroupware100007.txt

GulfTech Security Research April 20th, 2005 Vendor : eGroupware URL : http://www.egroupware.org/ Version : Versions Prior To 1.0.0.007 Risk : Multiple Vulnerabilities Description: eGroupware is a very popular open source web based collaboration software that can be used within an intranet, or...

XXS in fusetalk forum

Vendor : fusetalk URL : http://www.fusetalk.com/ Version: 4.0 Risk : Cross site scripting Description: Fusetalk is a discussion forum solution that provides a powerful and simple method of web-based collaboration. Cross site scripting: The filtering script for the img src= doesnt filter " if...

tikiwiki181.txt

Vendor : TikiWiki Project URL : http://www.tikiwiki.org Version : TikiWiki 1.8.1 && Earlier Risk : Multiple Vulnerabilities Description: Tiki CMS/Groupware aka TikiWiki is a powerful open-source Content Management System CMS and Groupware that can be used to create all sorts of Web applications,...