5 matches found
EUVD-2024-36582
Malicious code in bioql PyPI...
WordPress Leaky Paywall plugin <= 4.21.2 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery (CSRF) vulnerability discovered by Ananda Dhakal (Patchstack) in WordPress Plugin Leaky Paywall versions <= 4.21.2...
CVE-2023-0599
CVE-2023-0599 affects Rapid7 Metasploit Pro; stored XSS due to insufficient sanitization of JavaScript request strings. An authenticated attacker can inject HTML/script in another user’s browser via a crafted request. Affected: Metasploit Pro 4.21.2 and lower. Impact details are described in sour...
PT-2023-16391 · Rapid7 · Rapid7 Metasploit Pro
Name of the Vulnerable Software and Affected Versions: Rapid7 Metasploit Pro versions 4.21.2 and lower Description: The issue is due to a lack of JavaScript request string sanitization, allowing an authenticated attacker to execute arbitrary HTML and script code in the target browser against...
Rapid7 Metasploit Pro Cross-Site Scripting Vulnerability
Rapid7 Metasploit Pro is a suite of penetration testing software from the US-based Rapid7. A security vulnerability exists in Rapid7 Metasploit Pro 4.21.2 and prior versions, which stems from insufficient JavaScript request string cleanup, and can be exploited by an attacker to execute HTML and...