Browse all 7 CVE security advisories affecting Naa986. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Naa986 is a software component commonly used in web applications and content management systems, primarily for handling user-generated content and dynamic page rendering. Historically, it has been associated with vulnerabilities including remote code execution, cross-site scripting (XSS), and privilege escalation, often stemming from insufficient input validation and improper access controls. The component has accumulated seven CVE records, with notable incidents involving RCE through unauthenticated endpoints and persistent XSS vulnerabilities in its templating engine. Security researchers have identified consistent patterns in its vulnerability profile, particularly around how it processes user-supplied data and interacts with backend systems.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-5205 | Videojs HTML5 Player <= 1.1.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via videojs_video Shortcode — Videojs HTML5 PlayerCWE-79 | 6.4 | Medium | 2024-05-24 |
This page lists every published CVE security advisory associated with Naa986. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.