2 matches found
CVE-2020-8545
The CVE-2020-8545 entry concerns Global.py in AIL framework version 2.8, where a path traversal vulnerability is reported. The connected documents consistently describe an issue in Global.py enabling path traversal, but do not provide concrete exploitation details, affected subcomponents beyond G...
CVE-2026-39416
Affected software: AIL Framework (pre-6.8). Vulnerable component: modal item preview. Root cause: stored XSS when item content >800 characters is returned without a proper text/plain content type, enabling injected HTML/JS in the context of an authenticated user. Impact: arbitrary script execu...