23 matches found
CVE-2022-22402
IBM Aspera Faspex 5.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 222571...
CVE-2025-22402
Dell Update Manager Plugin, versions 1.5.0 through 1.6.0, contains an Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure...
CVE-2025-22402
Dell Update Manager Plugin, versions 1.5.0 through 1.6.0, contains an Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure...
CVE-2025-22402
Dell Update Manager Plugin, versions 1.5.0 through 1.6.0, contains an Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure...
CVE-2025-22402
Dell Update Manager Plugin, versions 1.5.0 through 1.6.0, contains an Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure...
CVE-2025-22402
Dell Update Manager Plugin (Dell Update Manager Plugin, versions 1.5.0–1.6.0) is affected by an Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability. A low-privileged attacker with remote access could potentially cause information exposure. The issue arises ...
CVE-2024-22402
creationtimestamp| type| source ---|---|--- 2024-01-18 22:21:35+00:00| seen| https://t.me/ctinow/169968 2024-02-12 14:41:46+00:00| seen| https://t.me/ctinow/183121 2025-06-09 19:48:04+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/17745...
CVE-2024-22402 Improper handling of request URLs in Nextcloud Guests app allows guest users to bypass app allowlist
Nextcloud guests app is a utility to create guest users which can only see files shared with them. In affected versions users were able to load the first page of apps they were actually not allowed to access. Depending on the selection of apps installed this may present a permissions bypass. It i...
CVE-2024-22402
CVE-2024-22402 concerns the Nextcloud Guests app. The issue is an improper handling of request URLs that lets guest users load pages of apps they should not access, effectively bypassing the app allowlist. Affected Nextcloud Guests versions include 2.4.x, 2.5.x, and 3.0.x (with mitigation guidanc...
CVE-2022-22402
Consolidated details for CVE-2022-22402 show IBM Aspera Faspex 5.0.5 (and earlier) vulnerable to cross-site scripting in the Web UI, enabling embedding of arbitrary JavaScript that could lead to credentials disclosure within a trusted session. The underlying issue is a Web UI XSS flaw; exploitati...
CVE-2020-22402
Cross Site Scripting XSS vulnerability in SOGo Web Mail before 4.3.1 allows attackers to obtain user sensitive information when a user reads an email containing malicious code...
CVE-2020-22402
Cross Site Scripting XSS vulnerability in SOGo Web Mail before 4.3.1 allows attackers to obtain user sensitive information when a user reads an email containing malicious code...
CVE-2020-22402
CVE-2020-22402 concerns a Cross Site Scripting (XSS) vulnerability in SOGo Web Mail prior to version 4.3.1 . The issue allows an attacker to obtain user‑sensitive information when a user opens an email containing malicious code. The underlying flaw is an XSS in the web mail interface, enabling da...
CVE-2020-22402
Cross Site Scripting XSS vulnerability in SOGo Web Mail before 4.3.1 allows attackers to obtain user sensitive information when a user reads an email containing malicious code...
CVE-2023-22402
A Use After Free vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. In a Non Stop Routing NSR scenario, an unexpected kernel restart might be observed if "bgp auto-discovery" is enabled and if there ...
CVE-2023-22402
A Use After Free vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. In a Non Stop Routing NSR scenario, an unexpected kernel restart might be observed if "bgp auto-discovery" is enabled and if there ...
CVE-2023-22402 Junos OS Evolved: The kernel might restart in a BGP scenario where "bgp auto-discovery" is enabled and such a neighbor flaps
A Use After Free vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. In a Non Stop Routing NSR scenario, an unexpected kernel restart might be observed if "bgp auto-discovery" is enabled and if there ...
CVE-2023-22402
CVE-2023-22402 is a Use After Free in the Junos OS Evolved kernel that can cause a Denial of Service in NSR when a BGP neighbor flap occurs while bgp auto-discovery is enabled. Affected: Juniper Junos OS Evolved 21.3 before 21.3R3-EVO; 21.4 before 21.4R2-EVO; 22.1 before 22.1R2-EVO; 22.2 before 2...
Juniper Junos OS Vulnerability (JSA70198)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA70198 advisory. - A Use After Free vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service DoS...
CVE-2021-22402
creationtimestamp| type| source ---|---|--- 2021-10-28 16:23:35+00:00| seen| https://t.me/cibsecurity/31381...