Leepeuker Movary
8 CVEs affecting Leepeuker Movary. Latest disclosed: 2026-04-18. Critical: 3, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-23841 | Critical | 9.3 | 2026-01-19 | Movary is a web application to track, rate and explore your movie watch history. Due to insufficient input validation, attackers can trigger cross-site scripti… |
CVE-2026-23840 | Critical | 9.3 | 2026-01-19 | Movary is a web application to track, rate and explore your movie watch history. Due to insufficient input validation, attackers can trigger cross-site scripti… |
CVE-2026-23839 | Critical | 9.3 | 2026-01-19 | Movary is a web application to track, rate and explore your movie watch history. Due to insufficient input validation, attackers can trigger cross-site scripti… |
CVE-2026-40350 | High | 8.8 | 2026-04-18 | Movary is a self hosted web app to track and rate a user's watched movies. Prior to version 0.71.1, an ordinary authenticated user can access the user-manageme… |
CVE-2026-40349 | High | 8.8 | 2026-04-18 | Movary is a self hosted web app to track and rate a user's watched movies. Prior to version 0.71.1, an ordinary authenticated user can escalate their own accou… |
CVE-2026-40348 | High | 7.7 | 2026-04-18 | Movary is a self hosted web app to track and rate a user's watched movies. Prior to version 0.71.1, an ordinary authenticated user can trigger server-side requ… |
CVE-2025-64115 | | 2025-10-30 | Movary is a web application to track, rate and explore your movie watch history. Versions up to and including 0.68.0 use the HTTP Referer header value directly… | |
CVE-2025-64116 | | 2025-10-30 | Movary is a web application to track, rate and explore your movie watch history. Prior to 0.69.0, the login page accepts a redirect parameter without validatio… |