Sensitive Information in Resource Not Removed Before Reuse

Overview Affected versions of this package are vulnerable to Sensitive Information in Resource Not Removed Before Reuse in the JASPIAuthenticator. An attacker can gain unauthorized access or escalate privileges by exploiting residual ThreadLocal values that are not cleared after authentication...

CVE-2024-42210

A Stored cross-site scripting XSS vulnerability affects HCL Unica Marketing Operations v12.1.8 and lower. Stored cross-site scripting also known as second-order or persistent XSS arises when an application receives data from an untrusted source and includes that data within its later HTTP respons...

Advisory ROSA-SA-2026-3252

software: grafana 12.1.8 WASP: ROSA-CHROME unaffected versions = grafana-12.1.8-1 affected versions 3s, timeout and permanently block on sending to an unbuffered channel, resulting in linear growth of goroutines and memory exhaustion. CVE-STATUS: The vulnerability has been resolved CVE-REV: To...

CVE-2024-42210

CVE-2024-42210 affects HCL Unica Marketing Operations v12.1.8 and earlier. It is a Stored XSS vulnerability (second-order/persistent XSS) where data from untrusted sources can be included in later HTTP responses in an unsafe manner. The CVSS 3.1 base metrics indicate a HIGH severity (7.6) with ne...

HCL Unica Marketing Operations 安全漏洞

HCL Unica Marketing Operations is a marketing activity management platform of the Indian company HCL. Versions of HCL Unica Marketing Operations 12.1.8 and earlier contained security vulnerabilities. These vulnerabilities were due to improper handling of data from unreliable sources, and could le...