38108 matches found

Veracode
added 2025/10/29 5:33 a.m., 5 views

Account Takeover

color is vulnerable to Account Takeover. The vulnerability is due to a phishing-based takeover of the npm publishing account, which allowed an attacker to inject malware that attempted to redirect cryptocurrency transactions in browser environments...

CVSS 8.8 | AI score 6.9 | EPSS 0.00138
Exploits: 0 | References: 7 | Affected software: 1
Veracode
added 2025/10/28 4:42 p.m., 4 views

Cross-site Scripting (XSS)

io.vertx:vertx-web is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to improper escaping of file and directory names in generated HTML when directory listing is enabled, which allows an attacker to craft malicious filenames that execute arbitrary scripts in the browser of users...

CVSS 6.4 | AI score 6.6 | EPSS 0.00027
Exploits: 1 | References: 4 | Affected software: 1
Veracode
added 2025/10/28 4:21 p.m., 4 views

Command Injection

org.fitnesse:fitnesse is vulnerable to Command Injection. The vulnerability is due to improper validation of user-supplied input, which allows a remote authenticated attacker to inject and execute arbitrary operating system commands...

CVSS 9.8 | AI score 7.5 | EPSS 0.0051
Exploits: 0 | References: 5 | Affected software: 1
Veracode
added 2025/10/28 12:03 p.m., 4 views

Cross-site Scripting

com.liferay.account.admin.web is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to insufficient input validation and improper output encoding of the Account "Name" text field, which allows an attacker to inject a crafted payload into that field that is stored and later rendered...

CVSS 5.4 | AI score 6.4 | EPSS 0.00031
Exploits: 0 | References: 5 | Affected software: 1
Veracode
added 2025/10/28 11:04 a.m., 4 views

Cross-site Scripting

com.liferay.commerce.order.web is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to insufficient input validation and output encoding of the Account "Name" text field, which accepts unneutralized input; an attacker can inject a crafted payload into that field which is stored and...

CVSS 5.4 | AI score 5.9 | EPSS 0.00031
Exploits: 0 | References: 4 | Affected software: 1
Veracode
added 2025/10/28 10:59 a.m., 8 views

Timing Attack

com.ongres.scram:scram-common is vulnerable to Timing Attack. The vulnerability is due to the use of Arrays.equals for comparing sensitive authentication values, which performs short-circuit evaluation and causes variable execution times, allowing an attacker to exploit timing differences to inf...

CVSS 8.7 | AI score 6.9 | EPSS 0.00098
Exploits: 0 | References: 6 | Affected software: 1
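What a short-circuit comparison leaks, and why the fix is a comparison that examines every byte, as an added Python example (not code from scram-common or the advisory). The secret value is constructed, and the "bytes examined" count returned by each comparison stands in for the wall-clock timing a remote attacker would measure:

```python
import hmac
from typing import Callable, Optional, Tuple

# Constructed secret standing in for a stored authentication value such as a
# client proof; its bytes are arbitrary.
SECRET = bytes.fromhex("2a1799c4")


def naive_equal(a: bytes, b: bytes) -> Tuple[bool, int]:
    """Short-circuit comparison in the style of Arrays.equals.

    Returns (equal, bytes_examined). The second value models execution time:
    the loop stops at the first mismatch, so the time spent grows with the
    length of the prefix the attacker has guessed correctly.
    """
    if len(a) != len(b):
        return False, 0
    examined = 0
    for x, y in zip(a, b):
        examined += 1
        if x != y:
            return False, examined
    return True, examined


def constant_time_equal(a: bytes, b: bytes) -> Tuple[bool, int]:
    """Examines every byte before deciding, so the mismatch position is not
    observable. Only the length check can vary, which is acceptable for
    fixed-length values such as HMAC outputs. Same contract as hmac.compare_digest.
    """
    if len(a) != len(b):
        return False, 0
    acc = 0
    for x, y in zip(a, b):
        acc |= x ^ y
    return acc == 0, len(a)


Oracle = Callable[[bytes], Tuple[bool, int]]


def recover_with_oracle(length: int, oracle: Oracle) -> Optional[bytes]:
    """Byte-at-a-time recovery of the secret behind a comparison oracle.

    A guess whose byte at `pos` is right makes the naive comparison advance
    past that byte (examined > pos + 1) or succeed outright, so 256 tries per
    byte suffice: a 32-byte value falls in at most 8192 measurements.
    """
    guess = bytearray(length)
    for pos in range(length):
        for candidate in range(256):
            guess[pos] = candidate
            equal, examined = oracle(bytes(guess))
            if equal or examined > pos + 1:
                break
        else:
            return None  # no byte value moved the comparison forward
    return bytes(guess)


if __name__ == "__main__":
    leaky = lambda g: naive_equal(SECRET, g)
    fixed = lambda g: constant_time_equal(SECRET, g)
    print("naive:", recover_with_oracle(len(SECRET), leaky))          # recovers SECRET
    print("constant-time:", recover_with_oracle(len(SECRET), fixed))  # None
    print("compare_digest agrees:", hmac.compare_digest(SECRET, SECRET))
```

In a real deployment the oracle is noisier than a step count, but the attack only needs enough repeated measurements to average the noise out; the fix is to use the platform's constant-time primitive (MessageDigest.isEqual in Java, hmac.compare_digest in Python) for every comparison of authentication material.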
Veracode
added 2025/10/28 9:53 a.m., 5 views

Deserialization Of Untrusted Data

h2o is vulnerable to Deserialization Of Untrusted Data. The vulnerability is due to improper handling of JDBC connection parameters with insufficient input validation, which allows an attacker to bypass regular expression checks using double URL encoding and subsequently read arbitrary files or...

CVSS 9.8 | AI score 9.6 | EPSS 0.00796
Exploits: 1 | References: 4 | Affected software: 2
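Why a regex check that runs before decoding is bypassable with double URL encoding, and the validate-after-canonicalization order that closes it, as an added Python example (not h2o's code; the traversal regex and the sample parameter values are constructed for illustration):

```python
import re
from urllib.parse import unquote

# The kind of denylist regex the advisory describes: it looks for path
# traversal in a parameter such as a connection string or file path.
TRAVERSAL = re.compile(r"\.\.[/\\]")


def check_raw_parameter(value: str) -> bool:
    """Vulnerable order of operations: the regex runs on the parameter as
    received. Anything a downstream layer decodes later is invisible here."""
    return TRAVERSAL.search(value) is None


def canonicalize(value: str, max_rounds: int = 4) -> str:
    """Percent-decode until the string stops changing. Bounded so an attacker
    cannot make the check spin on deeply nested encodings."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            return value
        value = decoded
    raise ValueError("parameter still changing after %d decode rounds" % max_rounds)


def check_canonical_parameter(value: str) -> bool:
    """Hardened: validate the form the consumer will actually see."""
    try:
        canonical = canonicalize(value)
    except ValueError:
        return False
    return TRAVERSAL.search(canonical) is None


if __name__ == "__main__":
    payload = "%252e%252e%252fetc%252fpasswd"       # "../etc/passwd" encoded twice
    print(check_raw_parameter(payload))             # True: the bypass
    print(canonicalize(payload))                    # ../etc/passwd
    print(check_canonical_parameter(payload))       # False
```

The general rule: every validation must run on the same representation the consumer uses, and when that consumer is a third-party driver whose decoding rules you do not control, reject anything that still changes under decoding rather than trying to enumerate encodings.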
Veracode
added 2025/10/28 8:26 a.m., 4 views

Cross-site Scripting

com.liferay.portal.workflow.kaleo.designer.web is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to the workflow builder accepting and persisting crafted input without neutralizing HTML/JavaScript, allowing attackers to inject arbitrary web script or HTML by submitting specially...

CVSS 5.4 | AI score 6.4 | EPSS 0.00028
Exploits: 0 | References: 5 | Affected software: 1
Veracode
added 2025/10/28 8:12 a.m., 5 views

Improper Domain Name Validation

com.liferay.portal, com.liferay.portal.impl is vulnerable to improper domain name validation. The vulnerability is due to incorrect identification of the subdomain in domain names, which can lead to the creation of a supercookie, allowing an attacker controlling a website with the same top-lev...

CVSS 7.5 | AI score 6.5 | EPSS 0.00089
Exploits: 0 | References: 3 | Affected software: 2
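How "the site is the last two labels" turns into a supercookie on multi-label public suffixes such as co.uk, and the public-suffix-aware check that prevents it, as an added Python example (not Liferay's code). The suffix table is a constructed subset; production code loads the full Public Suffix List:

```python
from typing import Optional, Set

# Constructed subset of the Public Suffix List (https://publicsuffix.org/);
# production code must load the full, current list.
PUBLIC_SUFFIXES: Set[str] = {"com", "org", "uk", "co.uk", "org.uk", "io", "github.io"}


def naive_cookie_domain(host: str) -> str:
    """The flawed rule: take the last two labels. Right for example.com,
    wrong for victim.co.uk, where it yields the public suffix co.uk."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def registrable_domain(host: str, suffixes: Set[str] = PUBLIC_SUFFIXES) -> Optional[str]:
    """Longest matching public suffix plus one label (the 'eTLD+1').
    Returns None when the host is itself a public suffix or the TLD is unknown."""
    labels = host.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        if ".".join(labels[i:]) in suffixes:
            return None if i == 0 else ".".join(labels[i - 1:])
    return None


def cookie_domain_acceptable(request_host: str, cookie_domain: str,
                             suffixes: Set[str] = PUBLIC_SUFFIXES) -> bool:
    """A Domain attribute must cover the requesting host and must not be a
    public suffix; otherwise the cookie is shared with every site under it."""
    host = request_host.lower().rstrip(".")
    domain = cookie_domain.lower().strip(".")
    if domain in suffixes:
        return False
    return host == domain or host.endswith("." + domain)


if __name__ == "__main__":
    print(naive_cookie_domain("app.victim.co.uk"))        # co.uk  (supercookie)
    print(registrable_domain("app.victim.co.uk"))         # victim.co.uk
    print(cookie_domain_acceptable("app.victim.co.uk", "co.uk"))   # False
```

With the naive rule an attacker on attacker.co.uk can set a cookie for co.uk that the browser will then send to victim.co.uk; the registrable-domain check refuses any Domain value that is a public suffix, which is the same rule browsers apply.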
Veracode
added 2025/10/28 7:11 a.m., 4 views

Stored Cross-Site Scripting (XSS)

n8n is vulnerable to Stored Cross-Site Scripting (XSS). The vulnerability is due to improper sanitization of user input in the initialMessages field of the @n8n/n8n-nodes-langchain.chatTrigger component, which allows an attacker to inject malicious JavaScript that executes in the browser of users...

CVSS 5.4 | AI score 5.7 | EPSS 0.00041
Exploits: 0 | References: 4 | Affected software: 4
Veracode
added 2025/10/28 4:27 a.m., 3 views

Cross-site Scripting (XSS)

com.liferay, com.liferay.dynamic.data.mapping.form.field.type is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to improper validation of user-supplied input in rich text type fields within objects, which allows an attacker to inject and execute arbitrary web scripts or HTML...

CVSS 6.1 | AI score 6.8 | EPSS 0.00044
Exploits: 0 | References: 3 | Affected software: 2
Veracode
added 2025/10/27 1:58 p.m., 4 views

Cross-site Scripting

dotnetnuke.core is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to improper encoding of user input in URL and template rendering, allowing attackers to inject malicious scripts that execute in victims' browsers...

CVSS 6.5 | AI score 6.5 | EPSS 0.00031
Exploits: 0 | References: 3 | Affected software: 1
Veracode
added 2025/10/27 12:47 p.m., 6 views

Cross-site Scripting

dotnetnuke.core is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to a lack of input sanitization of module titles: administrators and content editors can set raw HTML, including JavaScript, in titles, allowing attackers to inject scripts that execute in other users'...

CVSS 4.8 | AI score 6.9 | EPSS 0.00025
Exploits: 0 | References: 3 | Affected software: 1
Veracode
added 2025/10/27 11:31 a.m., 5 views

SQL Injection

net.mingsoft:ms-mcms is vulnerable to SQL Injection. The vulnerability is due to improper sanitization of the contenttitle parameter in the /cms/content/list endpoint, which allows an attacker to inject and execute arbitrary SQL queries through crafted input in the FreeMarker template rendering...

CVSS 9.8 | AI score 7.8 | EPSS 0.00156
Exploits: 1 | References: 4 | Affected software: 1
Veracode
added 2025/10/27 11:16 a.m., 4 views

Cross-site Scripting (XSS)

net.mingsoft:ms-mcms is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to improper validation of user-supplied input, which allows an attacker to inject and execute arbitrary JavaScript in the victim's browser through a crafted payload...

CVSS 6.1 | AI score 6.7 | EPSS 0.00024
Exploits: 0 | References: 5 | Affected software: 1
Veracode
added 2025/10/27 10:02 a.m., 3 views

Improper Access Control

Liferay Portal is vulnerable to Improper Access Control. The vulnerability is due to the default membership type of newly created sites being set to "Open", which allows any registered user to become a member and enables remote attackers who join the site to view, add, or edit content...

CVSS 5.4 | AI score 6.7 | EPSS 0.00087
Exploits: 0 | References: 3 | Affected software: 1
Veracode
added 2025/10/27 9:24 a.m., 6 views

Improper Authentication

com.liferay, com.liferay.multi.factor.authentication.timebased.otp.web is vulnerable to improper authentication. The vulnerability is due to the reuse of time-based one-time passwords (TOTP) within their validity period, which allows an attacker with access to a user's TOTP to authenticate as that...

CVSS 6.5 | AI score 7 | EPSS 0.00043
Exploits: 0 | References: 4 | Affected software: 1
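A TOTP verifier that records the last accepted time step per user, so a code observed once cannot be replayed for the rest of its validity window, as an added Python example (not Liferay's implementation). HOTP and TOTP follow RFC 4226 and RFC 6238; the in-memory "last step" table is an assumption and must be a persisted, per-user store in a real deployment:

```python
import hashlib
import hmac
import struct
from typing import Dict


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte counter, dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    binary = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(binary % (10 ** digits)).zfill(digits)


def totp(secret: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP: HOTP over the current time step."""
    return hotp(secret, unix_time // step, digits)


class TotpVerifier:
    """Accepts each time step at most once per user."""

    def __init__(self, step: int = 30, window: int = 1):
        self.step = step
        self.window = window          # steps of clock skew tolerated each way
        # user -> highest time step already consumed. Assumed in-memory here;
        # it must live in shared persistent storage so that a restart or a
        # second application node cannot be used to replay a code.
        self._last_step: Dict[str, int] = {}

    def verify(self, user: str, secret: bytes, code: str, unix_time: int) -> bool:
        current = unix_time // self.step
        for counter in range(current - self.window, current + self.window + 1):
            if hmac.compare_digest(hotp(secret, counter), code):
                if counter <= self._last_step.get(user, -1):
                    return False      # already used: the reuse in the advisory
                self._last_step[user] = counter
                return True
        return False


# RFC 6238 test key, used only to make the run reproducible.
TEST_SECRET = b"12345678901234567890"

if __name__ == "__main__":
    v = TotpVerifier()
    code = totp(TEST_SECRET, 59)
    print(code, v.verify("alice", TEST_SECRET, code, 59))    # 287082 True
    print(v.verify("alice", TEST_SECRET, code, 70))          # False: replay
```

Rejecting any step less than or equal to the last accepted one also means a code from an earlier step is refused once a later one has been used, which is the intended behaviour: the token is a one-time password, not a 90-second password.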
Veracode
added 2025/10/27 8:33 a.m., 5 views

Predictable Random Number Generator (PRNG)

org.sakaiproject.kernel, sakai-kernel-impl is vulnerable to Use of a Predictable Random Number Generator (PRNG). The vulnerability is due to the use of java.util.Random, a non-cryptographic PRNG, for initializing the AES256TextEncryptor password, which allows an attacker to predict the encryption k...

CVSS 5.9 | AI score 6.6 | EPSS 0.00026
Exploits: 0 | References: 4 | Affected software: 1
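What "predictable" means in practice for a key derived from a non-cryptographic PRNG, as an added Python example (not Sakai's code, and Python's Mersenne Twister stands in for java.util.Random). It assumes the generator was seeded from a whole-second timestamp and that the attacker knows the deployment time to within an hour; both are assumptions for illustration, and the deployment timestamp is constructed:

```python
import random
import secrets
import string
from typing import Optional

ALPHABET = string.ascii_letters + string.digits
DEPLOY_TIME = 1_700_000_000          # constructed "first start" timestamp


def password_from_weak_prng(seed: int, length: int = 16) -> str:
    """The flawed pattern: a non-cryptographic PRNG seeded from something
    guessable. The output looks random but is a pure function of the seed."""
    rng = random.Random(seed)
    return "".join(rng.choice(ALPHABET) for _ in range(length))


def password_from_csprng(length: int = 16) -> str:
    """The fix: an OS-backed CSPRNG, which exposes no seed to recover."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def recover_seed(observed: str, window_start: int, window_end: int) -> Optional[int]:
    """Attacker who knows the derivation and roughly when the key was made
    brute-forces the seed window. Two hours of seconds is 7200 candidates."""
    for seed in range(window_start, window_end):
        if password_from_weak_prng(seed, len(observed)) == observed:
            return seed
    return None


if __name__ == "__main__":
    leaked = password_from_weak_prng(DEPLOY_TIME)
    print(leaked)
    print(recover_seed(leaked, DEPLOY_TIME - 3600, DEPLOY_TIME + 3600))   # DEPLOY_TIME
    print(password_from_csprng())
```

java.util.Random is a 48-bit LCG, so even without a guessable seed two consecutive outputs are enough to reconstruct its state; the Python search above is the simpler attack that works whenever the seed space is small. Encryption keys and passwords belong to SecureRandom (Java) or the secrets module (Python).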
Veracode
added 2025/10/27 8:01 a.m., 4 views

Improper Access Control

com.liferay.portal, release.portal.bom is vulnerable to improper access control. The vulnerability is due to the failure to restrict API access before a user changes their initial password, which allows an attacker to remotely access and modify content via the API...

CVSS 6.9 | AI score 6.6 | EPSS 0.00073
Exploits: 0 | References: 3 | Affected software: 2
Veracode
added 2025/10/27 5:49 a.m., 4 views

Identity Spoofing

org.igniterealtime.openfire, xmppserver is vulnerable to identity spoofing. The vulnerability is due to regex-based extraction of the Common Name (CN) from an unescaped, provider-dependent Distinguished Name (DN) string, which allows an attacker to impersonate other users using crafted certificate...

CVSS 5.9 | AI score 6.6 | EPSS 0.00033
Exploits: 0 | References: 7 | Affected software: 1
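Why a regex over a rendered DN string picks up the wrong CN, and an RFC 4514 parser that handles escaping and refuses ambiguous subjects, as an added Python example (not Openfire's code). The preferred fix is to read the CN from the parsed X.509 Name structure rather than from any string; the parser below is for the case where only the string is available. The DN strings are constructed:

```python
import re
import string
from typing import List, Optional, Tuple


def _split_unescaped(s: str, sep: str) -> List[str]:
    """Split on `sep`, skipping separators preceded by a backslash (RFC 4514)."""
    parts, buf, i = [], [], 0
    while i < len(s):
        if s[i] == "\\" and i + 1 < len(s):
            buf.append(s[i:i + 2])          # keep the escape for _unescape()
            i += 2
            continue
        if s[i] == sep:
            parts.append("".join(buf))
            buf = []
        else:
            buf.append(s[i])
        i += 1
    parts.append("".join(buf))
    return parts


def _unescape(value: str) -> str:
    """Resolve '\\,'-style and '\\2C'-style escapes. Hex pairs are decoded as
    single code points, which is exact for ASCII; a full implementation
    collects consecutive pairs and decodes them as UTF-8."""
    out, i = [], 0
    while i < len(value):
        if value[i] == "\\" and i + 1 < len(value):
            pair = value[i + 1:i + 3]
            if len(pair) == 2 and all(c in string.hexdigits for c in pair):
                out.append(chr(int(pair, 16)))
                i += 3
            else:
                out.append(value[i + 1])
                i += 2
            continue
        out.append(value[i])
        i += 1
    return "".join(out)


def parse_dn(dn: str) -> List[Tuple[str, str]]:
    """All attribute-value assertions in string order, as (TYPE, value)."""
    avas = []
    for rdn in _split_unescaped(dn, ","):
        for ava in _split_unescaped(rdn, "+"):      # multi-valued RDNs
            attr, _, value = ava.partition("=")
            avas.append((attr.strip().upper(), _unescape(value)))
    return avas


def cn_by_regex(dn: str) -> Optional[str]:
    """The flawed approach: a substring search over the rendered DN."""
    m = re.search(r"CN=([^,]+)", dn)
    return m.group(1) if m else None


def cn_by_parser(dn: str) -> Optional[str]:
    """Only an attribute of type CN counts, and there must be exactly one."""
    values = [v for attr, v in parse_dn(dn) if attr == "CN"]
    return values[0] if len(values) == 1 else None


if __name__ == "__main__":
    spoof = "OU=CN=admin,CN=mallory,O=Example"       # "CN=admin" hidden inside OU
    print(cn_by_regex(spoof), cn_by_parser(spoof))   # admin mallory
```

The regex matches the first "CN=" it sees, wherever it sits, so any attribute value an enrolling user controls (OU, emailAddress, a subject alternative name rendered into the same string) can carry a fake CN; the parser only reports a value whose attribute type is CN, and declines when the subject has more than one, which is when a caller should fall back to the certificate's structured Name.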
Veracode
added 2025/10/27 5:24 a.m., 3 views

Denial-of-Service (DoS)

Liferay Portal is vulnerable to Denial-of-Service (DoS). The vulnerability is due to the application not limiting the number of objects returned from GraphQL queries, which allows an attacker to execute queries that return a large number of objects and exhaust system resources...

CVSS 7.5 | AI score 6.9 | EPSS 0.00226
Exploits: 0 | References: 10 | Affected software: 2
Veracode
added 2025/10/27 4:50 a.m., 3 views

Stored Cross-Site Scripting (XSS)

com.liferay, com.liferay.users.admin.web is vulnerable to Stored Cross-Site Scripting (XSS). The vulnerability is due to improper sanitization or escaping of user input in organization site names, which allows an attacker to inject and execute malicious JavaScript code on affected instances...

CVSS 5.4 | AI score 5.8 | EPSS 0.00048
Exploits: 0 | References: 4 | Affected software: 1
Veracode
added 2025/10/24 8:07 p.m., 5 views

Improper Access Control

io.vertx:vertx-web is vulnerable to Improper Access Control. The vulnerability is due to a flaw in the StaticHandler configuration that restricts access only to hidden files but not hidden directories, which allows an attacker to access sensitive files such as .git/config within hidden directorie...

CVSS 7.5 | AI score 6.5 | EPSS 0.00051
Exploits: 0 | References: 5 | Affected software: 1
Veracode
added 2025/10/24 7:36 p.m., 4 views

Content Spoofing

org.wso2.identity.apps:authentication-portal is vulnerable to Content Spoofing. The vulnerability is due to improper handling and validation of error messages passed through URL parameters, which allows an attacker to inject arbitrary content into the user interface and deceive users through...

CVSS 4.3 | AI score 6.8 | EPSS 0.00034
Exploits: 0 | References: 6 | Affected software: 1
Veracode
added 2025/10/24 7:05 p.m., 6 views

Log Injection

Jenkins is vulnerable to Log Injection. The vulnerability is due to insufficient restriction or sanitization of user-supplied content in log messages, which allows an attacker to inject line break characters and forge log entries, misleading administrators during log reviews...

CVSS 5.3 | AI score 7.3 | EPSS 0.00105
Exploits: 0 | References: 4 | Affected software: 1
Veracode
added 2025/10/24 1:13 p.m., 5 views

Expression Language Injection

Spring Cloud Gateway Server Webflux is vulnerable to Expression Language Injection. The vulnerability is due to unsafe SpEL evaluation in routes when the actuator gateway endpoint is exposed and accessible to untrusted users; attackers can create routes that use SpEL to read environment...

CVSS 7.5 | AI score 6.6 | EPSS 0.00049
Exploits: 0 | References: 5 | Affected software: 1
Veracode
added 2025/10/24 11:23 a.m., 6 views

Supply Chain Attack

@metamask/sdk, @metamask/sdk-communication-layer, and @metamask/sdk-react are vulnerable to Supply Chain Attack. The vulnerability is due to a compromised debug package that injected malicious code, allowing attackers to intercept or tamper with dApp-to-wallet communications...

AI score 6.9
Exploits: 0
Veracode
added 2025/10/24 5:08 a.m., 5 views

Cross-site Scripting (XSS)

com.liferay, com.liferay.dynamic.data.mapping.form.field.type is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to improper validation of user-supplied input in "Rich Text" type fields within web content structures, document types, or custom assets using the Data Engine module,...

CVSS 6.1 | AI score 6.7 | EPSS 0.00044
Exploits: 0 | References: 3 | Affected software: 1
Veracode
added 2025/10/24 4:47 a.m., 3 views

Remote Code Execution (RCE)

Flowise is vulnerable to Remote Code Execution (RCE). The vulnerability is due to unsanitized evaluation of user input in the "Supabase RPC Filter" field, which allows an attacker to execute arbitrary code on the affected system...

CVSS 6.5 | AI score 8.7 | EPSS 0.00211
Exploits: 1 | References: 6 | Affected software: 2
Veracode
added 2025/10/24 4:27 a.m., 4 views

Regular Expression Denial Of Service (ReDoS)

transformers is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability is due to inefficient regular expression processing in the remove_language_code method of the MarianTokenizer, which allows an attacker to exploit crafted input strings with malformed language code patterns ...

CVSS 7.5 | AI score 7.2 | EPSS 0.00038
Exploits: 1 | References: 5 | Affected software: 1
Veracode
added 2025/10/24 4:12 a.m., 3 views

Server-Side Request Forgery (SSRF)

Flowise is vulnerable to Server-Side Request Forgery (SSRF). The vulnerability is due to improper validation of user-supplied URLs in the /api/v1/fetch-links endpoint, which allows an attacker to exploit the server as a proxy to access internal network resources and explore their link structures...

CVSS 7.5 | AI score 7 | EPSS 0.00155
Exploits: 1 | References: 7 | Affected software: 2
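The outbound-URL validation a link-fetching endpoint needs before it acts as a client on a user's behalf, as an added Python example (not Flowise's code). It resolves the host, rejects any answer that is not a public address, and returns the address the caller must pin its connection to; the resolver is a constructed table standing in for socket.getaddrinfo, and the hostnames and addresses in it are made up:

```python
import ipaddress
from typing import Callable, Dict, List, Tuple
from urllib.parse import urlsplit

Resolver = Callable[[str], List[str]]

# Constructed DNS answers standing in for a real resolver.
FAKE_DNS: Dict[str, List[str]] = {
    "docs.example.com": ["93.184.216.34"],
    "intranet.corp.example": ["10.0.0.5"],
    "metadata.example": ["169.254.169.254"],
    "rebind.example": ["93.184.216.34", "127.0.0.1"],   # one public, one loopback
}


def fake_resolve(host: str) -> List[str]:
    return FAKE_DNS.get(host, [])


def is_public_address(text: str) -> bool:
    ip = ipaddress.ip_address(text)
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped                  # ::ffff:127.0.0.1 is still loopback
    return ip.is_global and not ip.is_multicast


def validate_fetch_target(url: str, resolve: Resolver) -> Tuple[str, str]:
    """Returns (hostname, pinned_ip) for a URL the server may fetch.
    Raises ValueError for anything that must not be fetched on a user's behalf."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        raise ValueError("scheme not allowed: %r" % parts.scheme)
    if parts.username is not None or parts.password is not None:
        raise ValueError("credentials in URL")
    host = parts.hostname
    if not host:
        raise ValueError("missing host")
    try:
        ipaddress.ip_address(host)
        addresses = [host]                   # IP literal, nothing to resolve
    except ValueError:
        addresses = resolve(host)
    if not addresses:
        raise ValueError("unresolvable host: %s" % host)
    for addr in addresses:                   # every answer must be public
        if not is_public_address(addr):
            raise ValueError("%s resolves to non-public address %s" % (host, addr))
    # The caller connects to addresses[0] and sends "Host: <host>". Letting the
    # HTTP client resolve the name again would reopen the rebinding window.
    return host, addresses[0]


if __name__ == "__main__":
    print(validate_fetch_target("https://docs.example.com/links", fake_resolve))
    for bad in ("http://metadata.example/latest/", "http://127.0.0.1:8080/"):
        try:
            validate_fetch_target(bad, fake_resolve)
        except ValueError as e:
            print("rejected:", e)
```

Two points a simpler hostname denylist misses: the check runs on resolved addresses, not on the name, so a public name pointing at 10.0.0.5 is caught; and the connection is pinned to the validated address, so a DNS answer that changes between check and fetch cannot redirect the request. Redirect responses must go through the same validation before being followed.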
Veracode
added 2025/10/24 3:58 a.m., 4 views

Cross-site Scripting (XSS)

org.apache.geode, geode-web-api is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to improper sanitization of user input in the web API REST interface, which allows an attacker to inject malicious scripts that execute in the returned page, potentially leading to...

CVSS 6.1 | AI score 7.5 | EPSS 0.00149
Exploits: 0 | References: 4 | Affected software: 1
Veracode
added 2025/10/23 11:36 a.m., 4 views

Incorrect Execution-Assigned Permissions

org.apache.streampark:streampark is vulnerable to Incorrect Execution-Assigned Permissions. The vulnerability is due to improper handling of execution-assigned permissions, which allows an attacker to gain unauthorized access or execute actions with elevated privileges...

CVSS 7.3 | AI score 7.3 | EPSS 0.00272
Exploits: 0 | References: 4 | Affected software: 1
Veracode
added 2025/10/23 10:20 a.m., 6 views

Protection Mechanism Failure

picklescan is vulnerable to Protection Mechanism Failure. The vulnerability is due to improper module name validation in the unsafe globals check, which allows an attacker to bypass security filters by using submodules of dangerous packages (e.g., asyncio.unix_events), leading to the execution of...

CVSS 9.3 | AI score 7.3 | EPSS 0.00265
Exploits: 1 | References: 7 | Affected software: 1
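The shape of the bypass and of the fix, as an added Python example (not picklescan's code). It walks a pickle's opcode stream with pickletools to collect the globals it would import, without ever unpickling, and applies two policies: an exact-match denylist, which misses submodules, and a top-level-package match. The denylist is an illustrative subset, the payloads are constructed, and the callable name in the submodule payload is a placeholder, not a known gadget:

```python
import pickletools
from typing import Callable, List, Tuple

# Illustrative denylist of packages whose callables are unpickling RCE gadgets.
# Real scanners carry a far longer list; the shape of the check is the point.
DANGEROUS_PACKAGES = {"os", "subprocess", "sys", "builtins", "asyncio", "socket"}

STRING_OPS = {"UNICODE", "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8",
              "STRING", "BINSTRING", "SHORT_BINSTRING"}


def referenced_globals(data: bytes) -> List[Tuple[str, str]]:
    """(module, name) pairs the pickle would import. Found by reading opcodes
    with pickletools.genops; nothing is executed."""
    found, strings = [], []
    for opcode, arg, _ in pickletools.genops(data):
        if opcode.name in STRING_OPS:
            strings.append(arg)
        elif opcode.name == "GLOBAL":           # protocols 0-3: arg is "module name"
            module, name = arg.split(" ", 1)
            found.append((module, name))
        elif opcode.name == "STACK_GLOBAL":     # protocol 4+: two strings pushed first
            name, module = strings.pop(), strings.pop()
            found.append((module, name))
    return found


def exact_module_match(module: str) -> bool:
    """The flawed check: flags 'asyncio' but not 'asyncio.unix_events'."""
    return module in DANGEROUS_PACKAGES


def top_level_package_match(module: str) -> bool:
    """Hardened: a submodule of a dangerous package is dangerous."""
    return module.split(".", 1)[0] in DANGEROUS_PACKAGES


def scan(data: bytes, policy: Callable[[str], bool]) -> List[Tuple[str, str]]:
    return [(m, n) for m, n in referenced_globals(data) if policy(m)]


# Constructed payloads; never passed to pickle.loads.
DIRECT = b"cos\nsystem\n."                                  # GLOBAL os.system
SUBMODULE = b"casyncio.unix_events\nexample_callable\n."     # GLOBAL via a submodule
PROTO4 = b"\x80\x04\x8c\x02os\x8c\x06system\x93."            # STACK_GLOBAL os.system

if __name__ == "__main__":
    print(scan(SUBMODULE, exact_module_match))        # []  : the bypass
    print(scan(SUBMODULE, top_level_package_match))   # [('asyncio.unix_events', 'example_callable')]
    print(referenced_globals(PROTO4))                 # [('os', 'system')]
```

Even with the package-level match a denylist stays a race against gadget research; for model files the stronger policy is an allowlist of the modules a checkpoint legitimately needs, or a format that carries no code at all, with the scanner kept as defence in depth.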
Veracode
added 2025/10/23 9:05 a.m., 3 views

Improper Authorization

com.liferay, com.liferay.organizations.item.selector.web is vulnerable to improper authorization. The vulnerability is due to the organization selector not checking user permissions, which allows an attacker to obtain a list of all organizations...

CVSS 5.3 | AI score 6.9 | EPSS 0.00075
Exploits: 0 | References: 4 | Affected software: 1
Veracode
added 2025/10/23 8:19 a.m., 5 views

Improper Input Validation

@anthropic-ai/claude-code is vulnerable to Improper Input Validation. The vulnerability is due to an error in command parsing that allows an attacker to bypass the confirmation prompt and trigger execution of untrusted commands by injecting malicious content into a Claude Code context window...

CVSS 9.8 | AI score 7.5 | EPSS 0.00683
Exploits: 0 | References: 2 | Affected software: 1
Veracode
added 2025/10/23 8:02 a.m., 5 views

Cross-site Scripting (XSS)

wabac.js is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to improper sanitization of the requestURL parameter embedded directly into an inline...

CVSS 7.1 | AI score 6.7 | EPSS 0.00085
Exploits: 0 | References: 4 | Affected software: 3
Veracode
added 2025/10/23 8:00 a.m., 3 views

Insecure Direct Object Reference (IDOR)

com.liferay, com.liferay.object.service is vulnerable to Insecure Direct Object Reference (IDOR). The vulnerability is due to insufficient access control between virtual instances, which allows an attacker to access, create, edit, or relate data and object entries/definitions across different virtu...

CVSS 8.1 | AI score 7 | EPSS 0.00093
Exploits: 0 | References: 5 | Affected software: 1
Veracode
added 2025/10/23 7:36 a.m., 10 views

Account Takeover

Flowise is vulnerable to Account Takeover. The vulnerability is due to the forgot-password endpoint returning a valid password reset tempToken without authentication or verification, which allows an attacker to generate reset tokens for arbitrary users and reset their passwords...

CVSS 9.8 | AI score 7.4 | EPSS 0.32362
Exploits: 13 | References: 2 | Affected software: 1
Veracode
added 2025/10/23 7:27 a.m., 4 views

Privilege Escalation

intelliants/subrion is vulnerable to privilege escalation. The vulnerability is due to improper access control in the built-in "Run SQL Query" feature under the SQL Tool admin panel, which allows authenticated administrators or moderators to execute arbitrary SQL commands and gain escalated...

CVSS 3.8 | AI score 8.3 | EPSS 0.00079
Exploits: 1 | References: 3 | Affected software: 1
Veracode
added 2025/10/23 5:38 a.m., 4 views

Improper Input Validation

Hono is vulnerable to improper input validation. The vulnerability is due to a flaw in the bodyLimit middleware that prioritized the Content-Length header over Transfer-Encoding: chunked, which allows an attacker to bypass the configured request body size limit and potentially cause a denial of...

CVSS 5.3 | AI score 6.9 | EPSS 0.00052
Exploits: 0 | References: 2 | Affected software: 1
Veracode
added 2025/10/22 12:05 p.m., 5 views

Cross-site Scripting

jsondiffpatch is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to improper sanitization in HtmlFormatter::nodeBegin, allowing attackers to inject malicious scripts that execute when the HTML formatter renders untrusted diff content...

CVSS 4.7 | AI score 6.4 | EPSS 0.00068
Exploits: 0 | References: 3 | Affected software: 1
Veracode
added 2025/10/22 10:45 a.m., 7 views

HTTP Request Smuggling

ASP.NET Core is vulnerable to HTTP Request Smuggling. The vulnerability is due to inconsistent interpretation of HTTP requests between front-end and back-end components, which allows an authorized attacker to bypass security features over a network...

CVSS 9.9 | AI score 7 | EPSS 0.01681
Exploits: 5 | References: 5 | Affected software: 15
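Both the Hono bodyLimit entry above and this ASP.NET Core entry come down to the same framing question: which header decides where a request body ends, and whether the size check looks at the same answer. The added Python example below (not Hono's, Kestrel's, or any framework's code) frames a request two ways: the flawed order, where Content-Length is checked and a chunked body is then decoded uncounted, and the RFC 7230 section 3.3.3 order, where Transfer-Encoding decides, decoded bytes are counted as they arrive, and a message carrying both headers is rejected as a smuggling attempt. The requests are constructed:

```python
from typing import Dict, Optional


class BodyTooLarge(Exception):
    pass


class AmbiguousFraming(Exception):
    pass


def parse_headers(head: bytes) -> Dict[str, str]:
    headers: Dict[str, str] = {}
    for line in head.split(b"\r\n")[1:]:            # skip the request line
        name, _, value = line.decode("latin-1").partition(":")
        headers[name.strip().lower()] = value.strip()
    return headers


def decode_chunked(body: bytes, limit: Optional[int]) -> bytes:
    """Decode a chunked body, counting decoded bytes against `limit` as they
    arrive (limit=None disables the check, which is the flaw being shown)."""
    out, pos = bytearray(), 0
    while True:
        line_end = body.index(b"\r\n", pos)
        size = int(body[pos:line_end].split(b";")[0], 16)   # drop chunk extensions
        pos = line_end + 2
        if size == 0:
            return bytes(out)                                # trailers not needed here
        if limit is not None and len(out) + size > limit:
            raise BodyTooLarge("chunked body exceeds %d bytes" % limit)
        chunk = body[pos:pos + size]
        if len(chunk) != size or body[pos + size:pos + size + 2] != b"\r\n":
            raise ValueError("malformed chunk")
        out += chunk
        pos += size + 2


def read_body(raw: bytes, limit: int, hardened: bool) -> bytes:
    head, _, body = raw.partition(b"\r\n\r\n")
    headers = parse_headers(head)
    content_length = headers.get("content-length")
    transfer_encoding = headers.get("transfer-encoding")
    chunked = transfer_encoding is not None and transfer_encoding.lower() == "chunked"

    if not hardened:
        # Flawed order: the limit is checked against Content-Length, then the
        # body is decoded by whatever framing is present with nothing counting it.
        if content_length is not None and int(content_length) > limit:
            raise BodyTooLarge("Content-Length exceeds %d bytes" % limit)
        if chunked:
            return decode_chunked(body, limit=None)
        return body[:int(content_length or 0)]

    # Hardened: Transfer-Encoding decides the framing (RFC 7230 s3.3.3), and a
    # request that carries both headers is refused rather than guessed about.
    if transfer_encoding is not None and content_length is not None:
        raise AmbiguousFraming("both Content-Length and Transfer-Encoding present")
    if transfer_encoding is not None and not chunked:
        raise ValueError("unsupported Transfer-Encoding: %s" % transfer_encoding)
    if chunked:
        return decode_chunked(body, limit=limit)
    length = int(content_length or 0)
    if length > limit:
        raise BodyTooLarge("Content-Length exceeds %d bytes" % limit)
    if len(body) < length:
        raise ValueError("truncated body")
    return body[:length]


# Constructed requests: each chunk carries 16 bytes.
CHUNK16 = b"10\r\n0123456789abcdef\r\n"
BOTH_HEADERS = (b"POST /upload HTTP/1.1\r\nHost: app.example\r\n"
                b"Content-Length: 5\r\nTransfer-Encoding: chunked\r\n\r\n"
                + CHUNK16 + CHUNK16 + b"0\r\n\r\n")
CHUNKED_ONLY = (b"POST /upload HTTP/1.1\r\nHost: app.example\r\n"
                b"Transfer-Encoding: chunked\r\n\r\n" + CHUNK16 + CHUNK16 + b"0\r\n\r\n")
SMALL = (b"POST /upload HTTP/1.1\r\nHost: app.example\r\n"
         b"Transfer-Encoding: chunked\r\n\r\n" + CHUNK16 + b"0\r\n\r\n")

if __name__ == "__main__":
    print(len(read_body(BOTH_HEADERS, 16, hardened=False)))   # 32: limit of 16 bypassed
    try:
        read_body(BOTH_HEADERS, 16, hardened=True)
    except AmbiguousFraming as e:
        print("rejected:", e)
```

The size-limit bypass and request smuggling are the same disagreement seen from two places: inside one server it is the limit check and the body reader disagreeing, across a front end and a back end it is two parsers disagreeing about where one request ends and the next begins. A front end that refuses the ambiguous message, or normalises it to a single framing before forwarding, removes the disagreement for everything behind it.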
Veracode
added 2025/10/22 10:10 a.m., 3 views

DNS Rebinding

Neo4j Cypher MCP is vulnerable to DNS Rebinding. The vulnerability is due to the MCP server trusting requests from hostnames that have been rebound; an attacker can lure a user to a malicious website and, once rebinding succeeds, bypass the Same-Origin Policy and invoke tools against local Neo4j instances...

CVSS 7.4 | AI score 6.4 | EPSS 0.00036
Exploits: 0 | References: 7 | Affected software: 1
Veracode
added 2025/10/22 9:00 a.m., 13 views

Cross-site Scripting

Liferay Portal is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to improper input sanitization in the /c/portal/comment/discussion/geteditor endpoint, allowing attackers to inject and execute arbitrary web scripts in a victim's browser...

CVSS 6.1 | AI score 6.4 | EPSS 0.00037
Exploits: 0 | References: 5 | Affected software: 1
Veracode
added 2025/10/22 7:10 a.m., 5 views

Stored Cross-site Scripting (XSS)

Liferay Portal is vulnerable to Stored Cross-Site Scripting (XSS). The vulnerability is due to improper input sanitization in the remote app title field, which allows an attacker to inject arbitrary web scripts or HTML content that can be executed in a user's browser...

CVSS 5.4 | AI score 5.7 | EPSS 0.00041
Exploits: 0 | References: 5 | Affected software: 1
Veracode
added 2025/10/22 4:54 a.m., 4 views

Information Disclosure

Liferay Portal is vulnerable to Information Disclosure. The vulnerability is due to improper handling of object entry enumeration responses, which allows an attacker to determine the existence of specific External Reference Codes (ERC) in the application by exploiting response time differences...

CVSS 6.9 | AI score 6.9 | EPSS 0.00062
Exploits: 0 | References: 7 | Affected software: 4
Veracode
added 2025/10/22 4:33 a.m., 4 views

Reflected Cross-Site Scripting (XSS)

com.liferay, com.liferay.portal.search.web is vulnerable to Reflected Cross-Site Scripting (XSS). The vulnerability is due to improper input validation of user-supplied data in the search bar portlet URL, which allows an attacker to inject and execute arbitrary web scripts or HTML in a victim's...

CVSS 6.1 | AI score 6.4 | EPSS 0.00045
Exploits: 0 | References: 5 | Affected software: 1
Veracode
added 2025/10/22 3:44 a.m., 5 views

Improper Access Control

flaskappbuilder is vulnerable to improper access control. The vulnerability is due to the password reset endpoint remaining accessible when using OAuth, LDAP, or other non-database authentication methods, which allows an attacker to reset passwords and create valid JWT tokens even for disabled us...

CVSS 6.5 | AI score 7.3 | EPSS 0.00029
Exploits: 0 | References: 6 | Affected software: 1
Veracode
added 2025/10/22 3:18 a.m., 6 views

Malware Injection

prebid-universal-creative is vulnerable to malware injection. The vulnerability is due to the inclusion of cryptocurrency-related malicious code in the latest release, which allows an attacker to execute unauthorized cryptocurrency-related operations on affected systems...

CVSS 9.3 | AI score 7.5 | EPSS 0.00116
Exploits: 0 | References: 4 | Affected software: 1
Total number of security vulnerabilities: 38108