CVE-2025-40704
- EPSS 0.03%
- Veröffentlicht 29.08.2025 11:17:06
- Zuletzt bearbeitet 02.09.2025 16:59:31
Cross-Site Scripting (XSS) vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage (ACDH-CH), due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a re...
CVE-2025-40703
- EPSS 0.03%
- Veröffentlicht 29.08.2025 11:16:53
- Zuletzt bearbeitet 02.09.2025 16:59:46
Cross-Site Scripting (XSS) vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage (ACDH-CH), due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a re...
CVE-2025-40702
- EPSS 0.03%
- Veröffentlicht 29.08.2025 11:16:32
- Zuletzt bearbeitet 02.09.2025 16:59:58
Cross-Site Scripting (XSS) vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage (ACDH-CH), due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a re...
CVE-2025-51536
- EPSS 0.13%
- Veröffentlicht 04.08.2025 00:00:00
- Zuletzt bearbeitet 23.09.2025 19:08:01
Austrian Archaeological Institute (AI) OpenAtlas v8.11.0 as discovered to contain a hardcoded Administrator password.
CVE-2025-51534
- EPSS 0.08%
- Veröffentlicht 04.08.2025 00:00:00
- Zuletzt bearbeitet 20.09.2025 03:16:38
A cross-site scripting (XSS) vulnerability in Austrian Archaeological Institute (AI) OpenAtlas v8.11.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name field.
CVE-2025-51535
- EPSS 0.07%
- Veröffentlicht 04.08.2025 00:00:00
- Zuletzt bearbeitet 20.09.2025 03:16:23
Austrian Archaeological Institute (AI) OpenAtlas v8.11.0 as discovered to contain a SQL injection vulnerability.