Tag
medium
threat
CVE-2026-44899 Mistune Image Directive CSS Injection Vulnerability
2 rules 1 CVECVE-2026-44899 is a CSS Injection vulnerability in the Mistune Image Directive, potentially allowing for malicious CSS injection if user-supplied content is not properly sanitized.
Mistune Image Directive
css-injection
vulnerability
mistune
2r
1c
high
advisory
FreeScout CSS Injection Vulnerability in Mailbox Signature Leads to Privilege Escalation (CVE-2026-40497)
2 rules 2 TTPs 1 CVEFreeScout versions prior to 1.8.213 are vulnerable to CSS injection via the mailbox signature, allowing an attacker with mailbox settings access to exfiltrate CSRF tokens and escalate privileges.
freescout
css-injection
privilege-escalation
cve-2026-40497
2r
2t
1c