📦 Rucio

This is a reflected Cross-site Scripting (XSS) vulnerability in Rucio's WebUI that allows attackers to steal login session tokens. Attackers can craft malicious URLs that, when visited by users, execu...

Rucio versions prior to 35.8.3, 38.5.4, and 39.3.1 have a stored Cross-Site Scripting vulnerability in the WebUI's Custom Rules function. This allows attackers to inject malicious JavaScript that exec...

This stored XSS vulnerability in Rucio's WebUI allows attackers to inject malicious JavaScript into the Identity Name field, which persists in the backend and executes when users view affected pages. ...