CVEs (3)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|
| CVE-2026-38934 | Hig | 0.57 | 8.8 | 0.00 | | Apr 27, 2026 | Cross Site Request Forgery vulnerability in diskoverdata diskover-community v.2.3.5. and before allows a remote attacker to escalate privileges and obtain sensitive information via the public/settings_process.php |
| CVE-2026-38936 | Med | 0.40 | 6.1 | 0.00 | | Apr 27, 2026 | A reflected cross-site scripting (XSS) vulnerability exists in diskover-community <= 2.3.5 in public/selectindices.php via the namecontains parameter |
| CVE-2026-38935 | Med | 0.40 | 6.1 | 0.00 | | Apr 27, 2026 | A reflected cross-site scripting (XSS) vulnerability exists in diskover-community <= 2.3.5 in public/view.php via the doctype parameter |
