CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

RedhatCVE•added 2025/05/23 6:16 a.m.•4 views

CVE-2024-33905

In Telegram WebK before 2.0.0 488, a crafted Mini Web App allows XSS via the postMessage webappopenlink event type...

4.6CVSS5.8AI score0.00078EPSS

Exploits0References1

Vulnrichment•added 2024/04/29 12:0 a.m.•6 views

CVE-2024-33905

In Telegram WebK before 2.0.0 488, a crafted Mini Web App allows XSS via the postMessage webappopenlink event type...

5.9AI score0.00078EPSS

Exploits0References4

Cvelist•added 2024/04/29 12:0 a.m.•10 views

CVE-2024-33905

In Telegram WebK before 2.0.0 488, a crafted Mini Web App allows XSS via the postMessage webappopenlink event type...

5.7AI score0.00078EPSS

Exploits0References4

CVE•added 2024/04/29 12:0 a.m.•50 views

CVE-2024-33905

Telegram WebK before 2.0.0 is affected by an XSS flaw in the Mini Web App via the postMessage web_app_open_link event. Root cause: crafted Mini Web Apps can inject scripts. Affected product: Telegram WebK, versions prior to 2.0.0 (488). Reported by multiple sources; exploitation details are not p...

4.6CVSS5.7AI score0.00078EPSS

Exploits0References4

Positive Technologies•added 2024/04/28 12:0 a.m.•1 views

PT-2024-25540 · Telegram · Telegram Web K

Name of the Vulnerable Software and Affected Versions: Telegram WebK versions prior to 2.0.0 488 Description: A Cross-Site Scripting XSS flaw in Telegram WebK allows attackers to gain full account access, potentially jeopardizing data and cryptowallets. The issue stems from the Mini App system an...

4.6CVSS6.4AI score0.00078EPSS

Exploits0References10