CVE-2026-48904

Same vendor

• CVE-2026-48905 — Lack of input filtering leads to an XSS vector in the HTML filter code (6.1 MEDIUM)
• CVE-2026-48903 — Inadequate content filtering within the checkAttribute methods leads to XSS vulnerabilities in various components (6.1 MEDIUM)
• CVE-2026-48902 — The password and username reset features created plain http links for https connections if the "Force SSL" flag wasn't explicitly set (9.8 CRITICAL)
• CVE-2026-48901 — The InputFilter::getInstance() method omitted a security sensitive parameter from the instance cache key (7.5 HIGH)
• CVE-2026-48900 — An improper access check allowed low privileged users to edit the task types of existing scheduler tasks (4.3 MEDIUM)

Same CWE

• CVE-2026-46695 — Boxlite is a sandbox service that allows users to create lightweight virtual machines (Boxes) and launch OCI containers within them to ru... (10.0 CRITICAL)
• CVE-2026-50564 — Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes (9.9 CRITICAL)
• CVE-2026-50563 — Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes (9.9 CRITICAL)
• CVE-2026-50545 — Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes (9.9 CRITICAL)
• CVE-2026-49824 — Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes (8.5 HIGH)