36 matches found
CVE-2009-4812
Wolfram Research webMathematica allows remote attackers to obtain sensitive information via a direct request to the MSP script, which reveals the installation path in an error message...
PT-2025-46876
CVE-2025-11919: Wolfram Cloud Vulnerability Exposes Users to Privilege Escalation and Remote Code Execution https://securityonline.info/cve-2025-11919-wolfram-cloud-vulnerability-exposes-users-to-privilege-escalation-and-remote-code-execution/...
Unprotected temporary directories in Wolfram Cloud version 14.2 may result in privilege escalation
Overview: Wolfram Cloud version 14.2 allows the Java Virtual Machine (JVM) unrestricted access to temporary resources in the /tmp/ directory of the cloud environment, which may result in privilege escalation, information exfiltration, and remote code execution. In the same cloud instance, temporary...
EUVD-2009-4775
Malware in sbrugna...
demonstrations.wolfram.com Cross Site Scripting vulnerability OBB-3807589
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
wolfram.com Cross Site Scripting vulnerability OBB-3586274
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
support.wolfram.com Cross Site Scripting vulnerability OBB-2676221
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
reference.wolfram.com Cross Site Scripting vulnerability OBB-2623865
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
wolfram.com Cross Site Scripting vulnerability OBB-2023897
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence.

Affected Website: | wolfram.com
---|---

Open Bug Bounty...
wolfram.com Cross Site Scripting vulnerability OBB-1330915
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
reference.wolfram.com XSS vulnerability
Open Bug Bounty ID: OBB-635964

Description | Value
---|---
Affected Website: | reference.wolfram.com
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

demonstrations.wolfram.com XSS vulnerability
Open Bug Bounty ID: OBB-573319

Description | Value
---|---
Affected Website: | demonstrations.wolfram.com
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

community.wolfram.com XSS vulnerability
Open Bug Bounty ID: OBB-563772

Description | Value
---|---
Affected Website: | community.wolfram.com
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

wolfram.com XSS vulnerability
Vulnerable URL: http://wolfram.com/broadcast//video.php?sx==1325=wordcloud

Details:

Description | Value
---|---
Patched: | No
Latest check for patch: | 18.01.2018
Vulnerability type: | XSS
Vulnerability status: | Publicly disclosed
Alexa Rank | 3444
VIP website status: | Yes

Coordinated Disclosure...
wolframalpha.com XSS vulnerability
Vulnerable URL:...
wolfram.com XSS vulnerability
Vulnerable URL: http://wolfram.com/broadcast/video.php?sx=%22%3E%3Csvg%2Fonload%3Dalert%28%2FXSSPOSED%2F%29%3E=%22%3E%3Csvg%2Fonload%3Dalert%28%2FXSSPOSED%2F%29%3E

Details:

Description | Value
---|---
Patched: | No
Latest check for patch: | 02.08.2017
Vulnerability type: | XSS
Vulnerability status: | ...

devices.wolfram.com XSS vulnerability
Open Bug Bounty ID: OBB-248904

Description | Value
---|---
Affected Website: | devices.wolfram.com
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

reference.wolfram.com XSS vulnerability
Vulnerable URL: https://reference.wolfram.com/language/ref/N.html?q="'--!

Details:

Description | Value
---|---
Patched: | No
Latest check for patch: | 28.07.2017
Vulnerability type: | XSS
Vulnerability status: | Publicly disclosed
Alexa Rank | Unknown / Not calculated
VIP website status: | No

Check...
wolfram.com XSS vulnerability
Vulnerable URL: http://www.wolfram.com/support/contact/email/?source="%3E%3Csvg/onload=alert'OPENBUGBOUNTY'%3E'

Details:

Description | Value
---|---
Patched: | No
Latest check for patch: | 27.07.2017
Vulnerability type: | XSS
Vulnerability status: | Publicly disclosed
Alexa Rank | 4304

VIP website...
wolfram.com XSS vulnerability
Vulnerable URL: http://wolfram.com/broadcast/video.php?sx="...