CVE-2026-28357 | NocoDB up to 0.301.2 cross site scripting

Inserito da Angelo Barbosa | Mar 2, 2026 | CVE

A vulnerability has been found in NocoDB up to 0.301.2 and classified as problematic. The impacted element is an unknown function. This manipulation causes cross site scripting.

This vulnerability is handled as CVE-2026-28357. The attack can be initiated remotely. There is not any exploit available.

The affected component should be upgraded.

CVE-2026-28357 | NocoDB up to 0.301.2 cross site scripting

Post correlati

CVE-2023-6836 | WSO2 API Manager xml external entity reference

CVE-2024-6319 | IMGspider Plugin up to 2.3.10 on WordPress upload unrestricted upload

CVE-2025-1307 | spicethemes Newscrunch Plugin up to 1.8.4 on WordPress newscrunch_install_and_activate_plugin authorization

CVE-2025-22256 | Fortinet FortiPAM/FortiSRA up to 1.4.1 HTTP Request insufficient permissions or privileges (FG-IR-25-008)