Skip to main content
CVE-2023-26132 HIGH POC PATCH This Week

Versions of the package dottie before 2.0.4 are vulnerable to Prototype Pollution due to insufficient checks, via the set() function and the current variable in the /dottie.js file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Prototype Pollution Dottie
NVD GitHub
CVSS 3.1
7.5
EPSS
1.1%
CVE-2023-3188 MEDIUM POC PATCH This Month

Server-Side Request Forgery (SSRF) in GitHub repository owncast/owncast prior to 0.1.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

SSRF Owncast
NVD GitHub
CVSS 3.1
6.5
EPSS
1.4%
CVE-2023-3191 MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Teampass
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2023-3190 MEDIUM POC PATCH This Month

Improper Encoding or Escaping of Output in GitHub repository nilsteampassnet/teampass prior to 3.0.9. Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Teampass
NVD GitHub
CVSS 3.1
4.6
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy