CVE-2026-47900 | logseq up to 0.10.15 package.json Name cross site scripting

Inserito da Angelo Barbosa | Giu 9, 2026 | CVE

A vulnerability marked as problematic has been reported in logseq up to 0.10.15. Affected is an unknown function of the file package.json. Performing a manipulation of the argument Name results in cross site scripting.

This vulnerability is known as CVE-2026-47900. Remote exploitation of the attack is possible. No exploit is available.

CVE-2026-47900 | logseq up to 0.10.15 package.json Name cross site scripting

Post correlati

CVE-2024-35300 | JetBrains TeamCity prior 2024.03.1 Update Page cross site scripting

CVE-2025-5885 | Konica Minolta bizhub up to 20250202 cross-site request forgery

CVE-2024-30120 | HCL DRYiCE Optibot Reset Station 1.0/2.0 Web Application assignment to variable without use (KB0113496)

CVE-2026-9732 | planetshaker EmergencyWP Plugin up to 1.4.2 on WordPress Setting add_cap/remove_cap form_settings_ui cross-site request forgery