CVE-2023-4093 Reflected and persistent XSS vulnerability in Fujitsu Arconte Áurea

Reflected and persistent XSS vulnerability in Arconte Áurea, in its 1.5.0.0 version. The exploitation of this vulnerability could allow an attacker to inject malicious JavaScript code, compromise the victim's browser and take control of it, redirect the user to malicious domains or access...

CVE-2021-20577

IBM Cloud Pak for Security CP4S 1.5.0.0 and 1.5.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force...

CVE-2021-20577

IBM Cloud Pak for Security (CP4S) versions 1.5.0.0 and 1.5.0.1 are vulnerable to cross-site scripting in the Web UI, allowing embedding of arbitrary JavaScript code that could alter functionality and potentially disclose credentials within a trusted session. This CVE entry is supported by multipl...

CVE-2020-4074

In PrestaShop from version 1.5.0.0 and before version 1.7.6.6, the authentication system is malformed and an attacker is able to forge requests and execute admin commands. The problem is fixed in 1.7.6.6...