Approved changes feed: RSS · Atom
cpe:2.3:a:acdh-ch:openatlas:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Acdh Ch (6d4b79e7-6fff-59df-a8dc-8c5f309300a7) |
|---|---|
| Product | Openatlas (9aa75a30-8172-57db-9866-b8d492d5d3e4) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-40709 |
vulnerable | 2026-06-03 15:01:13.251830 |
Cross-Site Scripting (XSS) vulnerability in OpenAtlas by ACDH-CH
Cross-Site Scripting (XSS) vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage (ACDH-CH), due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an authenticated user and steal their session cookie details, via the "/insert/person/<ID>” petition, "name" and "alias-0” parameters.
Published: 2025-08-29T11:18:17.870Z
Updated: 2025-08-29T11:50:38.804Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-40708 |
vulnerable | 2026-06-03 15:01:13.251361 |
Cross-Site Scripting (XSS) vulnerability in OpenAtlas by ACDH-CH
Cross-Site Scripting (XSS) vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage (ACDH-CH), due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an authenticated user and steal their session cookie details, via the "/insert/event" petition, "name" parameter.
Published: 2025-08-29T11:18:03.432Z
Updated: 2025-08-29T13:44:55.517Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-40707 |
vulnerable | 2026-06-03 15:01:13.250682 |
Cross-Site Scripting (XSS) vulnerability in OpenAtlas by ACDH-CH
Cross-Site Scripting (XSS) vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage (ACDH-CH), due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an authenticated user and steal their session cookie details, via the "/insert/place" petition, "name" and "alias-0” parameters.
Published: 2025-08-29T11:17:41.267Z
Updated: 2025-08-29T11:30:28.087Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-40706 |
vulnerable | 2026-06-03 15:01:13.250338 |
Cross-Site Scripting (XSS) vulnerability in OpenAtlas by ACDH-CH
Cross-Site Scripting (XSS) vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage (ACDH-CH), due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an authenticated user and steal their session cookie details, via the "/insert/source" petition, "name" parameter.
Published: 2025-08-29T11:17:27.929Z
Updated: 2025-08-29T11:30:59.164Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-40705 |
vulnerable | 2026-06-03 15:01:13.249879 |
Cross-Site Scripting (XSS) vulnerability in OpenAtlas by ACDH-CH
Cross-Site Scripting (XSS) vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage (ACDH-CH), due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an authenticated user and steal their session cookie details, via the "/insert/acquisition" petition, "name" parameter.
Published: 2025-08-29T11:17:17.539Z
Updated: 2025-08-29T11:32:22.619Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-40704 |
vulnerable | 2026-06-03 15:01:13.249520 |
Cross-Site Scripting (XSS) vulnerability in OpenAtlas by ACDH-CH
Cross-Site Scripting (XSS) vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage (ACDH-CH), due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an authenticated user and steal their session cookie details, via the "/insert/edition" petition, "name" parameter.
Published: 2025-08-29T11:17:06.661Z
Updated: 2025-08-29T11:32:57.751Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-40703 |
vulnerable | 2026-06-03 15:01:13.248945 |
Cross-Site Scripting (XSS) vulnerability in OpenAtlas by ACDH-CH
Cross-Site Scripting (XSS) vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage (ACDH-CH), due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an authenticated user and steal their session cookie details, via the "/insert/group" petition, "name" and "alias-0” parameters.
Published: 2025-08-29T11:16:53.723Z
Updated: 2025-08-29T11:42:02.959Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-40702 |
vulnerable | 2026-06-03 15:01:13.247493 |
Cross-Site Scripting (XSS) vulnerability in OpenAtlas by ACDH-CH
Cross-Site Scripting (XSS) vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage (ACDH-CH), due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an authenticated user and steal their session cookie details, via the "/insert/file" petition, "creator" and "license_holder" parameters.
Published: 2025-08-29T11:16:32.480Z
Updated: 2025-08-29T11:42:45.694Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.