Browse all 5 CVE security advisories affecting dylanjkotze. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Dylanjkotze is a security researcher focused on identifying vulnerabilities in web applications and software systems, with five CVEs primarily involving RCE and XSS flaws. Their work often centers on uncovering privilege escalation weaknesses in authentication mechanisms and API endpoints. While no major public incidents are directly linked to their research, their CVE contributions highlight consistent patterns in input validation and session management issues. Their findings typically affect enterprise software and content management platforms, demonstrating a systematic approach to discovering flaws that could lead to unauthorized system access or data exposure.
| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2025-12496 | Zephyr Project Manager <= 3.3.203 - Authenticated (Custom+) Arbitrary File Read And Server-Side Request Forgery | Zephyr Project Manager | CWE-22 | 4.9 | Medium | 2025-12-17 |
| CVE-2025-10490 | Zephyr Project Manager <= 3.3.202 - Authenticated (Admin+) Stored Cross-Site Scripting | Zephyr Project Manager | CWE-79 | 4.4 | Medium | 2025-09-26 |
| CVE-2024-7624 | Zephyr Project Manager <= 3.3.101 - Authenticated (Subscriber+) Limited Privilege Escalation | Zephyr Project Manager | CWE-285 | 8.1 | High | 2024-08-15 |
| CVE-2024-7356 | Zephyr Project Manager <= 3.3.100 - Authenticated (Subscriber+) Stored Cross-Site Scripting via filename Parameter | Zephyr Project Manager | CWE-79 | 6.4 | Medium | 2024-08-03 |
| CVE-2022-1822 | Zephyr Project Manager <= 3.2.40 - Reflected Cross-Site Scripting | Zephyr Project Manager | CWE-79 | 6.1 | Medium | 2022-06-13 |
This page lists every published CVE security advisory associated with dylanjkotze. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.