CVE-2025-59424
- EPSS 0.04%
- Veröffentlicht 18.09.2025 19:53:38
- Zuletzt bearbeitet 06.10.2025 15:03:32
LinkAce is a self-hosted archive to collect website links. Prior to 2.3.1, a Stored Cross-Site Scripting (XSS) vulnerability has been identified on the /system/audit page. The application fails to properly sanitize the username field before it is ren...
CVE-2025-53838
- EPSS 0.04%
- Veröffentlicht 08.09.2025 19:18:17
- Zuletzt bearbeitet 06.10.2025 15:02:15
LinkAce is a self-hosted archive to collect website links. A stored cross-site scripting (XSS) vulnerability was discovered in versions prior to 2.1.9 that allows an attacker to inject arbitrary JavaScript, which is then executed in the context of a ...
CVE-2024-56507
- EPSS 0.93%
- Veröffentlicht 27.12.2024 16:15:25
- Zuletzt bearbeitet 06.10.2025 15:04:22
LinkAce is a self-hosted archive to collect links of your favorite websites. Prior to 1.15.6, a reflected cross-site scripting (XSS) vulnerability exists in the LinkAce. This issue occurs in the "URL" field of the "Edit Link" module, where user input...
CVE-2024-56508
- EPSS 0.35%
- Veröffentlicht 27.12.2024 16:15:25
- Zuletzt bearbeitet 06.10.2025 15:04:06
LinkAce is a self-hosted archive to collect links of your favorite websites. Prior to 1.15.6, a file upload vulnerability exists in the LinkAce. This issue occurs in the "Import Bookmarks" functionality, where malicious HTML files can be uploaded con...