Craws

Openatlas

16 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2025-56423

  • EPSS 0.06%
  • Veröffentlicht 24.11.2025 00:00:00
  • Zuletzt bearbeitet 28.11.2025 16:22:11

An issue in Austrian Academy of Sciences (AW) Austrian Archaeological Institute OpenAtlas v.8.12.0 allows a remote attacker to obtain sensitive information via the login error messages

4.6

CVE-2025-60914

  • EPSS 0.04%
  • Veröffentlicht 24.11.2025 00:00:00
  • Zuletzt bearbeitet 28.11.2025 16:22:35

Incorrect access control in Austrian Archaeological Institute Openatlas before v8.12.0 allows attackers to access sensitive information via sending a crafted GET request to the /display_logo endpoint.

8.1

CVE-2025-60915

  • EPSS 0.08%
  • Veröffentlicht 24.11.2025 00:00:00
  • Zuletzt bearbeitet 28.11.2025 16:22:43

An issue in the size query parameter (/views/file.py) of Austrian Archaeological Institute Openatlas before v8.12.0 allows attackers to execute a path traversal via a crafted request.

5.4

CVE-2025-60916

  • EPSS 0.06%
  • Veröffentlicht 24.11.2025 00:00:00
  • Zuletzt bearbeitet 28.11.2025 16:22:50

A reflected cross-site scripting (XSS) vulnerability in the /overview/network/ endpoint of Austrian Archaeological Institute Openatlas before v8.12.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafte...

4.6

CVE-2025-60917

  • EPSS 0.05%
  • Veröffentlicht 24.11.2025 00:00:00
  • Zuletzt bearbeitet 28.11.2025 16:22:57

A reflected cross-site scripting (XSS) vulnerability in the /overview/network/ endpoint of Austrian Archaeological Institute Openatlas before v8.12.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafte...

5.4

CVE-2025-40709

  • EPSS 0.03%
  • Veröffentlicht 29.08.2025 11:18:17
  • Zuletzt bearbeitet 02.09.2025 13:31:57

Cross-Site Scripting (XSS) vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage (ACDH-CH), due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a re...

5.4

CVE-2025-40708

  • EPSS 0.03%
  • Veröffentlicht 29.08.2025 11:18:03
  • Zuletzt bearbeitet 02.09.2025 13:32:17

Cross-Site Scripting (XSS) vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage (ACDH-CH), due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a re...

5.4

CVE-2025-40707

  • EPSS 0.03%
  • Veröffentlicht 29.08.2025 11:17:41
  • Zuletzt bearbeitet 02.09.2025 13:33:28

Cross-Site Scripting (XSS) vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage (ACDH-CH), due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a re...

5.4

CVE-2025-40706

  • EPSS 0.03%
  • Veröffentlicht 29.08.2025 11:17:27
  • Zuletzt bearbeitet 02.09.2025 16:55:53

Cross-Site Scripting (XSS) vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage (ACDH-CH), due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a re...

5.4

CVE-2025-40705

  • EPSS 0.03%
  • Veröffentlicht 29.08.2025 11:17:17
  • Zuletzt bearbeitet 02.09.2025 16:59:19

Cross-Site Scripting (XSS) vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage (ACDH-CH), due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a re...