CVE-2026-28401 | NocoDB up to 0.301.2 v-html HTML injection

Inserito da Angelo Barbosa | Mar 2, 2026 | CVE

A vulnerability, which was classified as problematic, was found in NocoDB up to 0.301.2. The affected element is an unknown function of the component v-html. The manipulation results in HTML injection.

This vulnerability is known as CVE-2026-28401. It is possible to launch the attack remotely. No exploit is available.

You should upgrade the affected component.

CVE-2026-28401 | NocoDB up to 0.301.2 v-html HTML injection

Post correlati

CVE-2024-57258 | DENEX U-Boot prior 2025.01-rc1 Memory Allocator integer overflow

CVE-2024-12346 | Talentera up to 20241128 byt_cv_manager redirect_url cross site scripting

CVE-2025-57797 | PFU ScanSnap Manager Installer prior 6.5L61 privileges assignment

CVE-2024-41122 | woodpecker-ci woodpecker up to 2.6.x injection (ID 10)