Alexander Starikov

2 exploits Active since May 2023
CVE-2023-31779 NOMISEC MEDIUM WRITEUP
Wekan < 6.84 - Authenticated Stored Cross-Site Scripting via Reaction to Comment Feature
Wekan v6.84 and earlier is vulnerable to Cross Site Scripting (XSS). An attacker with user privilege on kanban board can insert JavaScript code in in "Reaction to comment" feature.
1 stars
CVSS 5.4
CVE-2024-25175 NOMISEC MEDIUM WRITEUP
kickdler < 1.107.0 - Cross-Site Scripting via HTTP Response Splitting
An issue in Kickdler before v1.107.0 allows attackers to provide an XSS payload via a HTTP response splitting attack.
CVSS 6.1