19 matches found
Mailpit 1.28.1 Cross Site WebSocket Hijacking
A cross-site WebSocket hijacking vulnerability exists in Mailpit versions 1.28.1 and below. The vulnerability allows remote attackers to intercept sensitive data such as email contents, headers, and server statistics in real time. Mailpit - Cross-Site WebSocket Hijacking (CSWSH) Advisory ID:...
CVE-2023-22689
Cross-Site Request Forgery (CSRF) vulnerability in Lucian Apostol Auto Affiliate Links plugin <= 6.3 versions...
CVE-2022-22689
CA Harvest Software Change Manager versions 13.0.3, 13.0.4, 14.0.0, and 14.0.1, contain a vulnerability in the CSV export functionality, due to insufficient input validation, that can allow a privileged user to potentially execute arbitrary code or commands...
CVE-2025-22689
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Levan Tarbor Forex Calculators fx-calculators allows Stored XSS. This issue affects Forex Calculators: from n/a through <= 1.3.6...
CVE-2025-22689
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Levan Tarbor Forex Calculators fx-calculators allows Stored XSS. This issue affects Forex Calculators: from n/a through <= 1.3.6...
CVE-2025-22689
CVE-2025-22689 is a stored XSS vulnerability in the WordPress plugin “Forex Calculators” (versions
CVE-2025-22689 WordPress Forex Calculators plugin <= 1.3.6 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Levan Tarbor Forex Calculators fx-calculators allows Stored XSS. This issue affects Forex Calculators: from n/a through <= 1.3.6...
CVE-2025-22689 WordPress Forex Calculators plugin <= 1.3.6 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Levan Tarbor Forex Calculators allows Stored XSS. This issue affects Forex Calculators: from n/a through 1.3.6...
CVE-2023-22689
creationtimestamp | type | source
---|---|---
2023-05-21 02:23:56+00:00 | seen | https://t.me/cibsecurity/64492...
CVE-2023-22689
Cross-Site Request Forgery (CSRF) vulnerability in Lucian Apostol Auto Affiliate Links plugin <= 6.3 versions...
CVE-2023-22689 WordPress Auto Affiliate Links Plugin <= 6.3 is vulnerable to Broken Access Control
Cross-Site Request Forgery (CSRF) vulnerability in Lucian Apostol Auto Affiliate Links plugin <= 6.3 versions...
CVE-2023-22689
CVE-2023-22689 affects the WordPress plugin “Auto Affiliate Links” and is triggered by a Cross-Site Request Forgery (CSRF) vulnerability in versions
CVE-2023-22689 WordPress Auto Affiliate Links Plugin <= 6.3 is vulnerable to Broken Access Control
Cross-Site Request Forgery (CSRF) vulnerability in Lucian Apostol Auto Affiliate Links plugin <= 6.3 versions...
WordPress Auto Affiliate Links Plugin <= 6.3 is vulnerable to Cross Site Request Forgery (CSRF)
Software: Auto Affiliate Links; Type: Plugin; Vulnerable versions: <= 6.3; Fixed in: 6.3.0.1; OWASP Top 10: A8: Cross Site Request Forgery (CSRF); Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2023-22689; Patch priority: Low; CVSS severity: Low (5.4); PSID: 6689a92a0421; Credits...
CVE-2021-22689
...
CVE-2021-22689
CVE-2021-22689 is rejected/not used per the Initial Description.
CVE-2022-22689
creationtimestamp | type | source
---|---|---
2022-02-05 02:45:31+00:00 | seen | https://t.me/cibsecurity/36910...
CVE-2022-22689
CA Harvest Software Change Manager versions 13.0.3, 13.0.4, 14.0.0, and 14.0.1, contain a vulnerability in the CSV export functionality, due to insufficient input validation, that can allow a privileged user to potentially execute arbitrary code or commands...
CVE-2022-22689
CA Harvest Software Change Manager versions 13.0.3, 13.0.4, 14.0.0, and 14.0.1 contain a vulnerability in the CSV export function caused by insufficient input validation. This may allow a privileged user to potentially execute arbitrary code or commands. The CVE description lists the affected ver...