7 matches found
Oracle Linux 8 : virt:ol / and / virt-devel:rhel (ELSA-2023-2757)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-2757 advisory. - Fix CVE-2022-2211 Denial of Service in --key parameter resolves: rhbz2101280 - Fixes: CVE-2021-46790, CVE-2022-30783, CVE-2022-30784, CVE-2022-30785,...
SUSE SLES12 Security Update : prometheus-sap_host_exporter (SUSE-SU-2023:2757-1)
The remote SUSE Linux SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:2757-1 advisory. - rebuild the package with the go 1.20 security release bsc1208270. - fixed exporter package description bsc1211311. Tenable has extracted the...
CVE-2023-2757
creationtimestamp| type| source ---|---|--- 2023-05-18 07:32:01+00:00| seen| https://t.me/cibsecurity/64364...
CVE-2023-2757
The Waiting: One-click countdowns plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on 'saveLang' functions in versions up to, and including, 0.6.2. This could lead to Cross-Site Scripting due to insufficient input sanitization and output escaping. This...
CVE-2023-2757 Waiting: One-click countdowns <= 0.6.2 - Missing Authorization Checks leading to Authenticated (Subscriber+) Stored Cross-Site Scripting
The Waiting: One-click countdowns plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on 'saveLang' functions in versions up to, and including, 0.6.2. This could lead to Cross-Site Scripting due to insufficient input sanitization and output escaping. This...
CVE-2023-2757 Waiting: One-click countdowns <= 0.6.2 - Missing Authorization Checks leading to Authenticated (Subscriber+) Stored Cross-Site Scripting
The Waiting: One-click countdowns plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on 'saveLang' functions in versions up to, and including, 0.6.2. This could lead to Cross-Site Scripting due to insufficient input sanitization and output escaping. This...
WordPress Waiting: One-click countdowns Plugin <= 0.6.2 is vulnerable to Cross Site Scripting (XSS)
Software Waiting: One-click countdowns Type Plugin Vulnerable versions = 0.6.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2757 Patch priority High CVSS severity High 6.5 Developer Claim ownership PSID 5e454859cceb Credits István...