16 matches found
CVE-2025-23632
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rhizome Networks CG Button content-glass-button allows Reflected XSS.This issue affects CG Button: from n/a through = 1.0.5.6...
PT-2025-45529
🔴 prosemirror to html, Cross-Site Scripting, CVE-2024-23632 Critical https://t.co/OV9qAIWr8i...
CVE-2025-23632
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rhizome Networks CG Button content-glass-button allows Reflected XSS.This issue affects CG Button: from n/a through = 1.0.5.6...
CVE-2025-23632 WordPress CG Button plugin <= 1.0.5.6 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rhizome Networks CG Button content-glass-button allows Reflected XSS.This issue affects CG Button: from n/a through = 1.0.5.6...
CVE-2025-23632 WordPress CG Button plugin <= 1.0.5.6 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rhizome Networks CG Button content-glass-button allows Reflected XSS.This issue affects CG Button: from n/a through = 1.0.5.6...
CVE-2023-23632
creationtimestamp| type| source ---|---|--- 2023-10-13 00:23:23+00:00| seen| https://t.me/cibsecurity/72201...
CVE-2023-23632
BeyondTrust Privileged Remote Access (PRA) 22.2.x–22.4.x contains a local authentication bypass through a flawed secret verification in the BYOT shell jump sessions, enabling access to jump items by guessing the first character of the secret. Affected product: BeyondTrust PRA. Root cause: insecur...
10-24-dars (=1.0.0), @alephdata/react-ftm (>=1.9.1 <=2.4.0-alpha.2) +204 more potentially affected by CVE-2021-23632 via git (=0.1.5)
git NPM version =0.1.5 is affected by a known vulnerability. The following packages have a transitive dependency on git and may be impacted: - 10-24-dars =1.0.0 - @alephdata/react-ftm =1.9.1, =1.5.2, =0.4.120, =1.0.0-alpha.0, =1.1.7, =1.0.1, =0.13.1, =1.12.2, =1.0.0, =2.0.0 -...
CVE-2021-23632
All versions of package git are vulnerable to Remote Code Execution RCE due to missing sanitization in the Git.git method, which allows execution of OS commands rather than just git commands. Steps to Reproduce 1. Create a file named exploit.js with the following content: js var Git =...
CVE-2021-23632
CVE-2021-23632 affects all versions of the npm package git. The root cause is missing sanitization in the Git.git method, allowing input to execute OS commands rather than just git commands, enabling Remote Code Execution. The provided PoC demonstrates injecting commands via repo.git(input) to ru...
CVE-2021-23632 Remote Code Execution (RCE)
All versions of package git are vulnerable to Remote Code Execution RCE due to missing sanitization in the Git.git method, which allows execution of OS commands rather than just git commands. Steps to Reproduce 1. Create a file named exploit.js with the following content: js var Git =...
CVE-2022-23632
creationtimestamp| type| source ---|---|--- 2022-02-17 18:37:20+00:00| seen| https://t.me/cibsecurity/37664 2026-01-24 21:25:43+00:00| seen| https://gist.github.com/alon710/9def45344bb07b378de41c3c4e762379 2026-01-24 22:41:08+00:00| seen|...
CVE-2022-23632 Traefik skips the router TLS configuration when the host header is an FQDN
Traefik is an HTTP reverse proxy and load balancer. Prior to version 2.6.1, Traefik skips the router transport layer security TLS configuration when the host header is a fully qualified domain name FQDN. For a request, the TLS configuration choice can be different than the router choice, which...
CVE-2022-23632
CVE-2022-23632 affects Traefik (HTTP reverse proxy/load balancer). Prior to v2.6.1, when the host header is an FQDN, the router’s TLS configuration can be ignored and a different TLS setup may be applied, potentially using the default TLS configuration instead of the configured one. If CNAME flat...
CVE-2022-23632 Traefik skips the router TLS configuration when the host header is an FQDN
Traefik is an HTTP reverse proxy and load balancer. Prior to version 2.6.1, Traefik skips the router transport layer security TLS configuration when the host header is a fully qualified domain name FQDN. For a request, the TLS configuration choice can be different than the router choice, which...
10-24-dars (=1.0.0), @alephdata/react-ftm (>=1.9.1 <=2.4.0-alpha.2) +204 more potentially affected by CVE-2021-23632 via git (=0.1.5)
git NPM version =0.1.5 is affected by a known vulnerability. The following packages have a transitive dependency on git and may be impacted: - 10-24-dars =1.0.0 - @alephdata/react-ftm =1.9.1, =1.5.2, =0.4.120, =1.0.0-alpha.0, =1.1.7, =1.0.1, =0.13.1, =1.12.2, =1.0.0, =2.0.0 -...