Lucene search
K
Bdu FstecRecent

90336 matches found

BDU FSTEC
BDU FSTEC
added 2026/05/25 12:0 a.m.2 views

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to reading data beyond the buffer in memory, which allows an attacker to cause a service failure.

The vulnerabilities of Mozilla Firefox, Firefox ESR, and the email client Thunderbird involve reading data beyond the buffer in memory. Exploiting these vulnerabilities can allow a remote attacker to cause service interruptions...

10CVSS7.5AI score0.00483EPSS
Exploits0References11Affected Software6
BDU FSTEC
BDU FSTEC
added 2026/05/25 12:0 a.m.3 views

The vulnerability of the asynchronous network library Tornado, related to uncontrolled resource consumption, allows a hacker to cause a service failure.

The vulnerability of the asynchronous network library Tornado is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures...

7.8CVSS7.2AI score0.00375EPSS
Exploits0References11Affected Software8
BDU FSTEC
BDU FSTEC
added 2026/05/25 12:0 a.m.4 views

The vulnerability of the frmL7ImForm function in the goform/L7Im microprogramming system for Tenda F456 allows a hacker to execute arbitrary code or cause service failures.

The vulnerability of the frmL7ImForm function in the goform/L7Im microprogramming system for Tenda F456 is related to the execution of an operation outside the buffer in memory when processing the page parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or...

9CVSS8AI score0.00438EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/25 12:0 a.m.3 views

The vulnerability of the DNS proxy server of the PAN-OS operating system allows a perpetrator to cause a service failure or execute arbitrary code.

The vulnerability of the DNS proxy server of the PAN-OS operating system is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow a remote attacker to cause service failures or execute arbitrary code...

9CVSS6.3AI score0.00408EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/25 12:0 a.m.4 views

The vulnerability of the formPPTPSetup function in the goform/formPPTPSetup file of the POST Request Handler component of the wireless signal amplifiers’ microprogramming system, Edimax BR-6675nD, allows a hacker to trigger a service failure.

The vulnerability of the formPPTPSetup function in the goform/formPPTPSetup file of the POST Request Handler component of the wireless signal amplifiers’ microprogramming system, Edimax BR-6675nD, is related to the operation of the function beyond the buffer in memory when processing the...

9CVSS7.5AI score0.00542EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/25 12:0 a.m.3 views

The vulnerability of the Blitz Identity Provider software, related to the lack of measures taken to protect the website structure, allows attackers to perform cross-site scripting attacks (XSS).

The vulnerability of the Blitz Identity Provider software is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS remotely...

4.2CVSS5.6AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/25 12:0 a.m.3 views

The vulnerability of the Go programming language, related to errors in the certificate validation process, allows a perpetrator to cause service failures.

The vulnerability of the Go programming language is related to errors in the certificate validation process. Exploiting this vulnerability can allow an attacker, operating remotely, to cause service failures...

7.8CVSS5.8AI score0.00349EPSS
Exploits0References8Affected Software29
BDU FSTEC
BDU FSTEC
added 2026/05/25 12:0 a.m.3 views

The vulnerability of the Squid proxy server, related to the use of memory after it is freed, allows a hacker to execute arbitrary code.

The vulnerability of the Squid proxy server is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.6CVSS6.1AI score0.08942EPSS
Exploits0References6Affected Software3
BDU FSTEC
BDU FSTEC
added 2026/05/25 12:0 a.m.3 views

The vulnerability of the Python library for working with PDF files, PyPDF, relates to the execution of a loop with an unreachable exit condition, allowing a hacker to cause a service failure.

The vulnerability of the Python library for working with PDF files, PyPDF, is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability can allow an attacker to cause a service failure...

6.2CVSS5.9AI score0.00168EPSS
Exploits0References9Affected Software4
BDU FSTEC
BDU FSTEC
added 2026/05/25 12:0 a.m.4 views

The vulnerability in the Open WebUI web interface, related to the unlimited loading of dangerous type files, allows attackers to bypass existing security mechanisms and load any files they desire.

The vulnerability of the Open WebUI web interface is related to the unlimited loading of dangerous files. Exploiting this vulnerability allows a malicious actor to bypass existing security mechanisms and load any desired files...

8.7CVSS5.8AI score0.0018EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/25 12:0 a.m.3 views

The vulnerability of the JOSE library Authlib implementation for OAuth and OpenID Connect servers lies in the exposure of information due to inconsistencies, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the JOSE library Authlib implementation for OAuth and OpenID Connect servers is related to the disclosure of information due to incompatibility. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected information...

6.5CVSS5.8AI score0.00142EPSS
Exploits1References8Affected Software6
BDU FSTEC
BDU FSTEC
added 2026/05/25 12:0 a.m.4 views

The vulnerability in the Open WebUI web interface, related to the mechanism for restricting access to API keys, allows attackers to bypass existing security measures and gain unauthorized access to protected information.

The vulnerability in the Open WebUI web interface is related to the mechanism for restricting access to API keys. Exploiting this vulnerability allows a malicious actor to bypass existing security measures and gain unauthorized access to protected information...

8.5CVSS5.8AI score0.00309EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/25 12:0 a.m.9 views

The vulnerability of the BuildKit container-building software lies in the improper restriction of the path name to the restricted-access directory, which allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the BuildKit container-building software is related to an incorrect limitation on the path to the restricted-access directory. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

7.8CVSS5.8AI score0.00463EPSS
Exploits0References7Affected Software12
BDU FSTEC
BDU FSTEC
added 2026/05/25 12:0 a.m.3 views

The vulnerability of the node-tar library on the Node.js software platform allows attackers to gain unauthorized access to protected information.

The vulnerability of the node-tar library in the Node.js software platform is related to an incorrect limitation on the path name for the restricted-access directory. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

5.5CVSS5.8AI score0.00253EPSS
Exploits4References6Affected Software4
BDU FSTEC
BDU FSTEC
added 2026/05/25 12:0 a.m.2 views

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird, related to integer overflow, allows attackers to cause service failures.

The vulnerabilities of Mozilla Firefox, Firefox ESR, and the email client Thunderbird are related to integer overflows. Exploiting these vulnerabilities can allow a malicious actor to cause service failures remotely...

10CVSS7.3AI score0.0036EPSS
Exploits0References12Affected Software7
BDU FSTEC
BDU FSTEC
added 2026/05/25 12:0 a.m.3 views

The vulnerability of the Go programming language lies in the incorrect definition of the link before accessing a file, which allows attackers to escalate their privileges.

The vulnerability of the Go programming language is related to the incorrect definition of the link before accessing a file. Exploiting this vulnerability can allow an attacker to increase their privileges...

6.4CVSS5.8AI score0.00292EPSS
Exploits0References8Affected Software10
BDU FSTEC
BDU FSTEC
added 2026/05/25 12:0 a.m.3 views

The vulnerability of the webbrowser.open() function in the CPython interpreter allows a hacker to trigger a service failure.

The vulnerability of the webbrowser.open function in the CPython interpreter is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause a service failure...

3.3CVSS5.8AI score0.00308EPSS
Exploits0References21Affected Software8
BDU FSTEC
BDU FSTEC
added 2026/05/25 12:0 a.m.4 views

The vulnerability of the Go programming language, related to the lack of measures taken to protect web page structures, allows attackers to execute arbitrary code.

The vulnerability of the Go programming language is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

6.4CVSS6.1AI score0.0029EPSS
Exploits0References8Affected Software25
BDU FSTEC
BDU FSTEC
added 2026/05/24 12:0 a.m.4 views

The vulnerability of the secure_popen() function in the Glances monitoring tool allows a hacker to execute arbitrary commands.

The vulnerability of the securepopen function in the Glances monitoring tool is related to the lack of measures taken to neutralize special elements used in the operating system’s commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

7CVSS6.1AI score0.00243EPSS
Exploits1References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/24 12:0 a.m.4 views

The vulnerability of the export module of the Glances monitoring tool allows a hacker to execute arbitrary code.

The vulnerability of the export module of the Glances monitoring tool relates to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

9.4CVSS6.1AI score0.00325EPSS
Exploits1References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/24 12:0 a.m.4 views

The vulnerability of the GlancesServersList.get_servers_list() function in the Glances monitoring tool’s application interface allows a hacker to gain unauthorized access to protected information.

The vulnerability of the GlancesServersList.getserverslist function in the Glances monitoring tool’s application interface is related to the lack of protection for service data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected...

9.4CVSS5.8AI score0.00472EPSS
Exploits1References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/24 12:0 a.m.4 views

The vulnerability in the web interface of the Glances monitoring tool allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Glances monitoring tool’s web interface is related to the lack of a mechanism for verifying the source of the data. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected information...

6.1CVSS5.8AI score0.0016EPSS
Exploits1References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.3 views

The vulnerability of the GNU Binutils development environment lies in the execution of a loop with an unreachable exit condition, allowing an attacker to cause a service failure.

The vulnerability of the GNU Binutils development tool lies in the execution of a loop with an unreachable exit condition. Exploiting this vulnerability can allow an attacker to cause a service failure...

6.2CVSS6AI score0.00176EPSS
Exploits1References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.4 views

The vulnerability of the has_access_to_file() function in the Open WebUI artificial intelligence-based web interface allows a perpetrator to gain access to read, modify, or delete data.

The vulnerability of the hasaccesstofile function in the Open WebUI artificial intelligence-based web interface relates to bypassing authentication using a key controlled by the user. Exploiting this vulnerability could allow an attacker to gain read, modify, or delete access to data...

9CVSS5.8AI score0.0027EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.3 views

The vulnerability of the Apache Tomcat application server arises from a lack of mechanisms for encoding or shielding output data. This allows attackers to execute arbitrary code.

The vulnerability of the Apache Tomcat application server is related to the lack of mechanisms for encoding or shielding output data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

7.8CVSS7.4AI score0.00461EPSS
Exploits0References7Affected Software4
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.4 views

The vulnerability of the Banner component in the Open WebUI web interface allows a hacker to manipulate inter-site requests and intercept the administrator’s session.

The vulnerability of the Banner web interface component based on artificial intelligence, Open WebUI, is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to manipulate inter-site requests and intercept the administrator...

8.5CVSS5.8AI score0.00322EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.4 views

The vulnerability of the Open WebUI web interface, related to deficiencies in the authentication process, allows attackers to escalate their privileges and disclose sensitive information.

The vulnerability of the Open WebUI web interface is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to enhance their privileges and disclose sensitive information...

6.8CVSS5.7AI score0.00226EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.2 views

The vulnerability of the application software interface of the Drupal CMS system allows a hacker to enhance their privileges and execute arbitrary code.

The vulnerability of the application software interface of the Drupal CMS system is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to enhance their privileges and execute arbitrary code...

6.5CVSS6.4AI score0.84631EPSS
Exploits13References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.4 views

The vulnerability of the setcred() function in the operating system kernel of FreeBSD allows a perpetrator to execute arbitrary code, increase their privileges, or cause service failures.

The vulnerability of the setcred function in the operating system kernel of FreeBSD is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to execute arbitrary code, increase their privileges, or cause service failures...

7.8CVSS6.3AI score0.00409EPSS
Exploits1References7Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.3 views

The vulnerability of the software for providing secure remote access to data in the Palo Alto Networks GlobalProtect App is related to the use of an unreliable search path. This allows attackers to escalate their privileges and execute arbitrary commands.

The vulnerability of the software for providing secure remote access to data in the Palo Alto Networks GlobalProtect App is related to the use of an unreliable search path. Exploiting this vulnerability can allow attackers to enhance their privileges and execute arbitrary commands...

7.8CVSS6.1AI score0.00155EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.2 views

The vulnerability of the PAN-OS operating system’s web interface allows attackers to circumvent security restrictions and execute arbitrary commands.

The vulnerability of the PAN-OS operating system’s web interface is related to the lack of measures taken to neutralize specific elements. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and execute arbitrary commands remotely...

9CVSS6AI score0.01336EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.2 views

The vulnerability of the TCP/IP protocol implementation in Windows operating systems allows a perpetrator to execute arbitrary code.

The vulnerability of the TCP/IP protocol implementation in Windows operating systems relates to the possibility of using memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.1CVSS6.1AI score0.00789EPSS
Exploits0References2Affected Software14
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.5 views

The vulnerability of the Prisma SD-WAN ION network management tool, related to errors in the certificate validation process, allows a hacker to execute a type of “man-in-the-middle” attack.

The vulnerability of the Prisma SD-WAN ION network management tool is related to errors in the certificate authentication process. Exploiting this vulnerability could allow a remote attacker to execute a “man-in-the-middle” attack...

8.8CVSS5.9AI score0.00107EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.2 views

The vulnerability of the WAN ARP Driver for Windows operating systems allows attackers to increase their privileges.

The vulnerability of the WAN ARP Driver for Windows operating systems relates to the possibility of exploiting memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8CVSS5.8AI score0.00298EPSS
Exploits0References2Affected Software21
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.4 views

The vulnerability of the TCP/IP protocol implementation in Windows operating systems allows attackers to enhance their privileges.

The vulnerability of the TCP/IP protocol implementation in Windows operating systems lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8CVSS6.1AI score0.00328EPSS
Exploits0References2Affected Software17
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.2 views

The vulnerability of the automated penetration testing system, related to the failure to take measures to neutralize special elements, allows a perpetrator to execute arbitrary commands.

The vulnerability of automated penetration testing systems relates to the failure to take measures to neutralize special elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands on the server...

8CVSS6.1AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.4 views

The vulnerability of the automated penetration testing system, related to the failure to take measures to neutralize special elements, allows a perpetrator to execute arbitrary commands.

The vulnerability of automated penetration testing systems relates to the failure to take measures to neutralize special elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands on the server...

8.5CVSS6.1AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.3 views

The vulnerability of the GLPI system for managing requests, incidents, and inventory of computer equipment is related to deficiencies in authentication procedures, which allow unauthorized users to elevate their privileges.

The vulnerability of the GLPI system for managing requests, incidents, and inventory of computer equipment is related to deficiencies in authentication procedures. Exploiting this vulnerability can allow attackers who operate remotely to gain increased privileges...

7.7CVSS5.8AI score0.00292EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.3 views

The vulnerability of the Volume Manager Extension Driver for Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the Volume Manager Extension Driver for Windows operating systems is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

6.8CVSS6.3AI score0.00462EPSS
Exploits0References2Affected Software21
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.2 views

The vulnerability of the Windows Common Log File System Driver in the Windows operating system allows a hacker to gain increased privileges.

The vulnerability of the Windows Common Log File System Driver in the operating system is related to a countable amount of importance loss. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8CVSS5.8AI score0.00273EPSS
Exploits0References2Affected Software21
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.3 views

The vulnerability of the Windows Admin Center server management tool, related to access control errors, allows a perpetrator to increase their privileges.

The vulnerability of the Windows Admin Center management tool is related to access control errors. Exploiting this vulnerability can allow a remote attacker to increase their privileges...

9CVSS5.8AI score0.00427EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.3 views

The vulnerability of Microsoft Excel spreadsheet editors in Microsoft Office packages and Microsoft 365 Apps for Enterprise allows a perpetrator to execute arbitrary code.

The vulnerability of Microsoft Excel spreadsheet editors within the Microsoft Office and Microsoft 365 Apps for Enterprise products is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8CVSS6.3AI score0.00321EPSS
Exploits0References2Affected Software4
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.4 views

The vulnerability of Microsoft Visual Studio Code’s editor, related to errors in the mechanism for handling relative pathnames to directories, allows attackers to gain unauthorized access to protected information.

The vulnerability of Microsoft Visual Studio Code’s editor is related to errors in the mechanism for handling relative pathnames to directories. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

5.5CVSS5.8AI score0.00495EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.4 views

The vulnerability of the BuildKit container-building software lies in the improper restriction of the path name to the restricted-access directory, which allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the BuildKit container-building software is related to an incorrect limitation on the path to the restricted-access directory. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

10CVSS5.8AI score0.00498EPSS
Exploits0References6Affected Software9
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.4 views

The vulnerability of Microsoft 365 Copilot’s intelligent virtual assistant, related to access segmentation errors, allows attackers to carry out spear-phishing attacks.

The vulnerability of Microsoft 365 Copilot’s intelligent virtual assistant is related to access control errors. Exploiting this vulnerability could allow attackers to carry out spear-phishing attacks...

6.2CVSS5.8AI score0.00363EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.5 views

The vulnerability of the software for interacting with servers via cURL, related to bypassing authentication due to a fundamental error, allows attackers to escalate their privileges.

The vulnerability of the software for interacting with servers via cURL is related to the bypassing of authentication due to a fundamental flaw. Exploiting this vulnerability allows a remote attacker to increase their privileges...

6.8CVSS7.1AI score0.00259EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.3 views

The vulnerability of the GLPI system’s request, incident, and computer equipment inventory management processes, related to the failure to protect the SQL request structure, allows attackers to execute arbitrary code.

The vulnerability of the GLPI system’s request, incident, and computer equipment inventory management processes is related to the lack of measures taken to protect the SQL request structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code...

9CVSS6.1AI score0.00388EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.3 views

The vulnerability of the Open WebUI web interface, related to the lack of authentication, allows a perpetrator to trigger a service failure.

The vulnerability of the Open WebUI web interface is related to the lack of authentication during the processing of the final endpoint /api/v1/memories/ef. Exploiting this vulnerability allows a malicious actor to cause service failures by sending a specially crafted GET request...

6.5CVSS5.8AI score0.00341EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.4 views

The vulnerability in the Open WebUI web interface, related to bypassing authentication using a user-controlled key, allows attackers to gain unauthorized access to protected information.

The vulnerability in the Open WebUI web interface relates to bypassing authentication using a key controlled by the user during the processing of the final endpoint /api/chat/completions. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to...

7.5CVSS5.8AI score0.00231EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.3 views

The vulnerability in the Open WebUI web interface, related to the lack of protective measures for website structures, allows attackers to perform cross-site scripting attacks (XSS).

The vulnerability in the Open WebUI web interface is related to the lack of protection for the structure of the web page when processing the profileimageurl field. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS remotely...

5.5CVSS5.6AI score0.00199EPSS
Exploits0References2Affected Software1
Total number of security vulnerabilities90336