Cross-site Scripting (XSS) - Stored in GitHub repository zadam/trilium prior to 0.53.3. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
XSS
Trilium
NVD
GitHub
CVSS 3.1
5.4
EPSS
0.4%
In Joomla component 'Joomlatools - DOCman 3.5.13 (and likely most versions below)' are affected to an reflected Cross-Site Scripting (XSS) in an image upload function. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
XSS
Docman
NVD
CVSS 3.1
6.1
EPSS
0.5%