GHSA-JFM4-3VV3-FM4V Cross-site Scripting (XSS) in CrafterCMS

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CrafterCMS Engine on Windows, MacOS, Linux, x86, ARM, 64 bit allows Reflected XSS.This issue affects CrafterCMS: from 4.0.0 through 4.0.2, from 3.1.0 through 3.1.27...

org.craftercms:crafter-studio (>=3.0.0 <=3.1.27E) potentially affected by CVE-2023-4136 via org.craftercms:crafter-engine (>=3.0.0 <=3.1.27E)

org.craftercms:crafter-engine MAVEN version =3.0.0, =3.0.0, =3.1.27E Source cves: CVE-2023-4136 Source advisory: SNYK:JAVA-ORGCRAFTERCMS-8722255...

CVE-2023-4136

CrafterCMS Engine is vulnerable to reflected XSS (CVE-2023-4136). The nuclei template shows exploitation via the transformerName parameter in the /api/1/site/url/transform endpoint, enabling an unauthenticated attacker to inject arbitrary JavaScript in the user context and potentially steal crede...

WordPress WP Event Manager 3.1.27 Cross Site Scripting

Exploit Title: WordPress Plugin WP Event Manager - Stored Cross Site Scripting Date: 15-05-2022 Exploit Author: Mariam Tariq - HunterSherlock Vendor Homepage: https://wordpress.org/plugins/wp-event-manager/ Version: 3.1.27 Tested on: Firefox Contact me: [email protected] Steps To Reproduce...

2022-07 .NET Core 3.1.27 Update for x64 Server (KB5016404)

2022-07 .NET Core 3.1.27 Update for x64 Server KB5016404...

2022-07 .NET Core 3.1.27 Update for x64 Client (KB5016404)

2022-07 .NET Core 3.1.27 Update for x64 Client KB5016404...