2025

Privilege Escalation: Content Editor to Administrator via Stored XSS

High
Responsible Disclosure · Stored XSS / Privilege Escalation

Found a stored cross-site scripting vulnerability that allows a content editor to escalate privileges to administrator. Malicious JavaScript injected through content fields executes in the context of an admin session, enabling full account takeover.

Unpublished — CVE pending disclosure

SQL Injection in Backend Filter Widget numberrange Scope via numbersFromAjax

High
Responsible Disclosure · SQL Injection

Discovered a SQL injection vulnerability in the backend filter widget's numberrange scope. The numbersFromAjax parameter was not properly sanitized, allowing an attacker to inject arbitrary SQL queries through the filter mechanism.

Unpublished — CVE pending disclosure

Incomplete Twig sandbox patch (CVE-202X-XXXXX bypass) allows data modification, exfiltration, and RCE via unblocked Model and Builder methods

High
Responsible Disclosure · Sandbox Escape / RCE

Identified an incomplete patch for a prior Twig sandbox escape CVE. Unblocked Model and Builder methods remained accessible within the sandbox, enabling data modification, data exfiltration, and remote code execution.

Unpublished — CVE pending disclosure