Vulnerabilidades en hoppscotch
14 resultadosCVE-2022-0121HIGHCross-site Scripting in hoppscotch/hoppscotchEPSS 1.2%CVE-2023-34097HIGHDatabase password exposed in logs in hoppscotchEPSS 0.7%CVE-2024-34347HIGH@hoppscotch/cli affected by Sandbox Escape in @hoppscotch/js-sandbox leads to RCEEPSS 0.6%CVE-2024-27092MEDIUMContent spoofing - real Hoppscotch emailsEPSS 0.6%CVE-2026-28215CRITICALhoppscotch Vulnerable to Unauthenticated Onboarding Config TakeoverEPSS 0.5%CVE-2026-34847MEDIUMhoppscotch: Open redirect via `/enter?redirect=`EPSS 0.4%CVE-2026-28216HIGHhoppscotch has IDOR in updateUserEnvironment / deleteUserEnvironmentEPSS 0.4%CVE-2026-34931HIGHhoppscotch: Improper loopback redirect_uri validation in device-login flowEPSS 0.4%CVE-2026-28217MEDIUMIDOR in GraphQL userCollection Query Exposes Other Users' Private CollectionsEPSS 0.4%CVE-2024-34714HIGHHoppscotch Extension responds to calls made by origins not in the domain listEPSS 0.3%CVE-2026-34932HIGHhoppscotch: Stored XSS via mock server responses on backend originEPSS 0.3%CVE-2026-44478HIGHhoppscotch: Unauthenticated Onboarding Config Disclosure via Empty Recovery TokenEPSS 0.2%CVE-2026-30825NONEhoppscotch: IDOR - Any authenticated user can revoke any other user's Personal Access TokenEPSS 0.2%CVE-2026-34848MEDIUMhoppscotch: Stored XSS in team member overflow tooltip via display nameEPSS 0.1%