Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4
CVE-2024-27092
- EPSS 0.61%
- Veröffentlicht 29.02.2024 01:44:19
- Zuletzt bearbeitet 01.04.2025 15:22:06
Hoppscotch is an API development ecosystem. Due to lack of validation for fields like Label (Edit Team) - TeamName, bad actors can send emails with Spoofed Content as Hoppscotch. Part of payload (external link) is presented in clickable form - easie...
8.8
CVE-2023-34097
- EPSS 0.68%
- Veröffentlicht 05.06.2023 21:15:11
- Zuletzt bearbeitet 21.11.2024 08:06:32
hoppscotch is an open source API development ecosystem. In versions prior to 2023.4.5 the database password is exposed in the logs when showing the database connection string. Attackers with access to read system logs will be able to elevate privileg...
- EPSS 1.2%
- Veröffentlicht 06.01.2022 03:15:06
- Zuletzt bearbeitet 24.02.2026 19:20:17
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hoppscotch hoppscotch/hoppscotch.This issue affects hoppscotch/hoppscotch before 2.1.1.