GHSA-F38F-JVQJ-MFG6 NodeJS version of HAX CMS Has Insecure Default Configuration That Leads to Unauthenticated Access

Summary: The NodeJS version of HAX CMS uses an insecure default configuration designed for local development. The default configuration does not perform authorization or authentication checks. Details ...

CVE-2025-54137

HAX CMS NodeJS allows users to manage their microsite universe with a NodeJS backend. Versions 11.0.9 and below were distributed with hardcoded default credentials for the user and superuser accounts. ...

CVE-2025-51859

Stored Cross-Site Scripting (XSS) vulnerability in Chaindesk thru 2025-05-26 in its agent chat component. An attacker can achieve arbitrary client-side script execution by crafting an AI agent whose s ...

CVE-2025-51864

A reflected cross-site scripting (XSS) vulnerability exists in AIBOX LLM chat (chat.aibox365.cn) through 2025-05-27, allowing attackers to hijack accounts through stolen JWT ...

EUVD-2025-22383

HAX CMS NodeJS allows users to manage their microsite universe with a NodeJS backend. Versions 11.0.9 and below were distributed with hardcoded default credentials for the user and superuser accounts. ...

CVE-2025-54137 NodeJS version of the HAX CMS application is distributed with Default Secrets

HAX CMS NodeJS allows users to manage their microsite universe with a NodeJS backend. Versions 11.0.9 and below were distributed with hardcoded default credentials for the user and superuser accounts. ...

Important: Red Hat Security Advisory: Multicluster engine for Kubernetes 2.7.5 security updates and bug fixes

Multicluster engine for Kubernetes 2.7.5 General Availability release images, which fix bugs and update container images. Multicluster engine for Kubernetes v2.7.5 images Multicluster engine for Kuber ...
