19 matches found

EUVD
added 2025/10/03 8:7 p.m. · 12 views

EUVD-2025-19213

Malicious code in bioql PyPI...

6.1 CVSS · 4.8 AI score · 0.00386 EPSS
Exploits 1 · References 4

RedhatCVE
added 2025/06/28 4:23 p.m. · 11 views

CVE-2025-6701

A vulnerability, which was classified as problematic, has been found in Xuxueli xxl-sso 1.1.0. This issue affects some unknown processing of the file /xxl-sso-server/doLogin. The manipulation of the argument redirecturl leads to open redirect. The attack may be initiated remotely. The exploit has...

6.1 CVSS · 7 AI score · 0.00258 EPSS
Exploits 1 · References 1

Github Security Blog
added 2025/06/26 6:31 p.m. · 7 views

Xuxueli XXL-SSO Cross-site Scripting vulnerability

A vulnerability classified as problematic was found in Xuxueli xxl-sso 1.1.0. This vulnerability affects unknown code of the file /xxl-sso-server/login. The manipulation of the argument errorMsg leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to...

6.1 CVSS · 3.8 AI score · 0.00386 EPSS
Exploits 1 · References 6 · Affected Software 1

Github Security Blog
added 2025/06/26 6:31 p.m. · 10 views

XXL SSO is vulnerable to an Open Redirect through malicious manipulation of the redirect_url argument

A vulnerability, which was classified as problematic, has been found in Xuxueli xxl-sso 1.1.0. This issue affects some unknown processing of the file /xxl-sso-server/doLogin. The manipulation of the argument redirecturl leads to open redirect. The attack may be initiated remotely. The exploit has...

6.1 CVSS · 6.9 AI score · 0.00258 EPSS
Exploits 1 · References 6 · Affected Software 1

OSV
added 2025/06/26 6:31 p.m. · 3 views

GHSA-2JFG-73Q2-24QV Xuxueli XXL-SSO Cross-site Scripting vulnerability

A vulnerability classified as problematic was found in Xuxueli xxl-sso 1.1.0. This vulnerability affects unknown code of the file /xxl-sso-server/login. The manipulation of the argument errorMsg leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to...

5.3 CVSS · 5.5 AI score · 0.00386 EPSS
Exploits 1 · References 6

OSV
added 2025/06/26 6:31 p.m. · 8 views

GHSA-R26V-98QJ-48Q9 XXL SSO is vulnerable to an Open Redirect through malicious manipulation of the redirect_url argument

A vulnerability, which was classified as problematic, has been found in Xuxueli xxl-sso 1.1.0. This issue affects some unknown processing of the file /xxl-sso-server/doLogin. The manipulation of the argument redirecturl leads to open redirect. The attack may be initiated remotely. The exploit has...

5.1 CVSS · 3.7 AI score · 0.00258 EPSS
Exploits 1 · References 6

Snyk
added 2025/06/26 4:43 p.m. · 2 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the errorMsg parameter in the /xxl-sso-server/login process. An attacker can inject and execute arbitrary scripts in the context of a user's browser by crafting a malicious request. Details Cross-site...

6.1 CVSS · 5.5 AI score · 0.00386 EPSS
Exploits 1 · References 2

Snyk
added 2025/06/26 4:42 p.m. · 3 views

Open Redirect

Overview Affected versions of this package are vulnerable to Open Redirect via the redirecturl parameter in the /xxl-sso-server/doLogin and /xxl-sso-server/login endpoints. An attacker can redirect users to arbitrary external sites by crafting a malicious link and tricking authenticated users int...

6.1 CVSS · 6.9 AI score · 0.00258 EPSS
Exploits 1 · References 2

NVD
added 2025/06/26 4:15 p.m. · 10 views

CVE-2025-6701

A vulnerability, which was classified as problematic, has been found in Xuxueli xxl-sso 1.1.0. This issue affects some unknown processing of the file /xxl-sso-server/doLogin. The manipulation of the argument redirecturl leads to open redirect. The attack may be initiated remotely. The exploit has...

6.1 CVSS · 0.00258 EPSS
Exploits 1 · References 4

NVD
added 2025/06/26 4:15 p.m. · 31 views

CVE-2025-6700

A vulnerability classified as problematic was found in Xuxueli xxl-sso 1.1.0. This vulnerability affects unknown code of the file /xxl-sso-server/login. The manipulation of the argument errorMsg leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to...

6.1 CVSS · 0.00386 EPSS
Exploits 1 · References 4

OSV
added 2025/06/26 4:15 p.m. · 3 views

CVE-2025-6700

A vulnerability classified as problematic was found in Xuxueli xxl-sso 1.1.0. This vulnerability affects unknown code of the file /xxl-sso-server/login. The manipulation of the argument errorMsg leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to...

6.1 CVSS · 3.7 AI score · 0.00386 EPSS
Exploits 1 · References 4

Vulnrichment
added 2025/06/26 4:0 p.m. · 3 views

CVE-2025-6701 Xuxueli xxl-sso doLogin redirect

A vulnerability, which was classified as problematic, has been found in Xuxueli xxl-sso 1.1.0. This issue affects some unknown processing of the file /xxl-sso-server/doLogin. The manipulation of the argument redirecturl leads to open redirect. The attack may be initiated remotely. The exploit has...

5.1 CVSS · 7 AI score · 0.00258 EPSS
Exploits 1 · References 4

Cvelist
added 2025/06/26 4:0 p.m. · 13 views

CVE-2025-6701 Xuxueli xxl-sso doLogin redirect

A vulnerability, which was classified as problematic, has been found in Xuxueli xxl-sso 1.1.0. This issue affects some unknown processing of the file /xxl-sso-server/doLogin. The manipulation of the argument redirecturl leads to open redirect. The attack may be initiated remotely. The exploit has...

5.1 CVSS · 0.00258 EPSS
Exploits 1 · References 4

CVE
added 2025/06/26 4:0 p.m. · 25 views

CVE-2025-6701

CVE-2025-6701 affects Xuxueli xxl-sso 1.1.0. The vulnerability is an open redirect caused by manipulating the redirect_url parameter in /xxl-sso-server/doLogin, with remote attack potential. Public disclosures and PoCs exist; exploitation status varies by source. Remediation: upgrade to com.xuxue...

6.1 CVSS · 7 AI score · 0.00258 EPSS
Exploits 1 · References 4 · Affected Software 1

Cvelist
added 2025/06/26 3:31 p.m. · 29 views

CVE-2025-6700 Xuxueli xxl-sso login cross site scripting

A vulnerability classified as problematic was found in Xuxueli xxl-sso 1.1.0. This vulnerability affects unknown code of the file /xxl-sso-server/login. The manipulation of the argument errorMsg leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to...

5.3 CVSS · 0.00386 EPSS
Exploits 1 · References 4

Vulnrichment
added 2025/06/26 3:31 p.m. · 6 views

CVE-2025-6700 Xuxueli xxl-sso login cross site scripting

A vulnerability classified as problematic was found in Xuxueli xxl-sso 1.1.0. This vulnerability affects unknown code of the file /xxl-sso-server/login. The manipulation of the argument errorMsg leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to...

5.3 CVSS · 6.4 AI score · 0.00386 EPSS
Exploits 1 · References 4

CVE
added 2025/06/26 3:31 p.m. · 22 views

CVE-2025-6700

CVE-2025-6700 affects Xuxueli xxl-sso 1.1.0. A flaw in the /xxl-sso-server/login endpoint allows manipulation of the errorMsg parameter to trigger cross-site scripting (XSS). Impact is remote attackers could execute scripts in a user’s browser; multiple sources report public PoC/disclosure and on...

6.1 CVSS · 6.4 AI score · 0.00386 EPSS
Exploits 1 · References 4 · Affected Software 1

Positive Technologies
added 2025/06/26 12:0 a.m. · 8 views

PT-2025-26989 · Xuxueli · Xuxueli Xxl-Sso

Name of the Vulnerable Software and Affected Versions: Xuxueli xxl-sso version 1.1.0 Description: A problematic issue was found in the software, affecting the /xxl-sso-server/login file. The manipulation of the errorMsg argument leads to cross-site scripting. The attack can be initiated remotely...

5.3 CVSS · 6.6 AI score · 0.00386 EPSS
Exploits 1 · References 7

Positive Technologies
added 2025/06/26 12:0 a.m. · 7 views

PT-2025-27000 · Xuxueli · Xuxueli Xxl-Sso

Name of the Vulnerable Software and Affected Versions: Xuxueli xxl-sso version 1.1.0 Description: A problematic issue has been found in the software, affecting the processing of the file /xxl-sso-server/doLogin. The manipulation of the redirect url argument leads to an open redirect. This issue c...

6.1 CVSS · 6.9 AI score · 0.00258 EPSS
Exploits 1 · References 9