JetBrains YouTrack Cross-Site Scripting Vulnerability (CNVD-2022-20143)

JetBrains YouTrack is a browser-based bug tracking and project management software from JetBrains Czech Republic. A cross-site scripting vulnerability exists in versions prior to JetBrains YouTrack 2021.4.31698, which stems from a lack of data validation filtering of user-supplied data and output...

JetBrains YouTrack Cross-Site Scripting Vulnerability (CNVD-2022-20142)

JetBrains YouTrack is a browser-based bug tracking and project management software from JetBrains Czech Republic. A cross-site scripting vulnerability exists in previous versions of JetBrains YouTrack 2021.4.36872, which stems from the lack of data validation filtering of user-supplied data and...

Atlassian Jira Service Management Server and Data Cente Cross-Site Scripting Vulnerability

Atlassian Jira is a defect tracking management system from Atlassian Australia. A cross-site scripting vulnerability exists in Atlassian Jira Service Management Server and Data Center versions prior to 4.21.0, which originates in /secure/admin/ The "Object Schema" field of...

Piwigo Cross-Site Scripting Vulnerability (CNVD-2022-71118)

Piwigo is a set of Web-based open source image gallery software. Piwigo version 12.2.0 contains a cross-site scripting vulnerability that stems from a lack of data validation filtering of user-supplied and output data. An attacker could use this vulnerability to steal the webmaster's cookies to...

Accounting Journal Management Cross-Site Scripting Vulnerability

Accounting Journal Management is a simple PHP-based accounting journal management system with a trial balance. accounting Journal Management version 1.0 is vulnerable to a cross-site scripting vulnerability that stems from a lack of filtering of user-supplied data and The vulnerability is caused ...

BloofoxCms Cross-Site Scripting Vulnerability (CNVD-2022-17027)

BloofoxCms is a Php-based text content management system from alexlang24 personal developer. bloofoxCMS suffers from a cross-site scripting vulnerability that stems from the lack of user-supplied data and output data validation filtering in the file and type parameters in index.php. An attacker...

Librenms 跨站脚本漏洞

Librenms is a PHP and MySQL based open source network monitoring system from the Librenms community. The system features custom alerts, auto-discovery of network environments and automatic updates.Librenms suffers from a cross-site scripting vulnerability that stems from the lack of proper...

The vulnerability of Windows operating systems arises from insufficient checking of input data, allowing attackers to disclose sensitive information that should be protected.

Vulnerabilities in Windows operating systems exist due to insufficient checking of input data. Exploiting these vulnerabilities can allow attackers to disclose protected information...

JetBrains YouTrack 跨站脚本漏洞

JetBrains YouTrack is a browser-based bug tracking and project management software from JetBrains Czech Republic. A cross-site scripting vulnerability exists in versions prior to JetBrains YouTrack 2021.4.31698, which stems from a lack of data validation filtering of user-supplied data and output...

Piwigo 跨站脚本漏洞

Piwigo is a set of Web-based open source image gallery software. Piwigo version 12.2.0 contains a cross-site scripting vulnerability that stems from a lack of data validation filtering of user-supplied and output data. An attacker could use this vulnerability to steal the webmaster's cookies to...

IBM Sterling External Authentication Server 路径遍历漏洞

IBM Sterling External Authentication Server is a client application used to implement extended authentication and validation services for IBM products. IBM Sterling External Authentication Server path traversal vulnerability, which stems from a failure to properly validate RESTAPI configuration...

Checkmk 跨站脚本漏洞

Checkmk is an editor. A cross-site scripting vulnerability exists in Checkmk versions 2.0.0p19 and earlier and 1.6.0p27 and earlier, which stems from the lack of proper validation of client-side data by the web application. An attacker could exploit this vulnerability to execute client-side code...

ALPINE-CVE-2022-24052

MariaDB CONNECT Storage Engine Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the...

CVE-2021-46650

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

CVE-2021-46637

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

CVE-2021-46620

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

CVE-2021-46624

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

CVE-2021-46629

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

CVE-2021-46628

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

CVE-2021-46611

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...