16 matches found
CVE-2026-43717
creationtimestamp| type| source ---|---|--- 2026-07-01 02:49:59+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0818 2026-07-01 16:01:00+00:00| seen| https://www.thezdi.com/blog/2026/6/30/the-june-2026-apple-security-update-review 2026-07-02 01:00:44+00:00| seen|...
CVE-2024-43717
creationtimestamp| type| source ---|---|--- 2025-09-16 23:16:38+00:00| seen| MISP/be792712-f638-4d7d-b62d-4f5032e86764 2025-09-18 16:44:34+00:00| seen| MISP/be792712-f638-4d7d-b62d-4f5032e86764...
CVE-2022-43717
Dashboard rendering does not sufficiently sanitize the content of markdown components leading to possible XSS attack vectors that can be performed by authenticated users with create dashboard permissions. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0...
CVE-2025-43717
In PEAR HTTPRequest2 before 2.7.0, multiple files in the tests directory, notably tests/network/getparameters.php and tests/network/postparameters.php, reflect any GET or POST parameters, leading to XSS...
CVE-2025-43717
In PEAR HTTPRequest2 before 2.7.0, multiple files in the tests directory, notably tests/network/getparameters.php and tests/network/postparameters.php, reflect any GET or POST parameters, leading to XSS...
CVE-2025-43717
In PEAR HTTPRequest2 before 2.7.0, multiple files in the tests directory, notably tests/network/getparameters.php and tests/network/postparameters.php, reflect any GET or POST parameters, leading to XSS...
CVE-2025-43717
PEAR HTTP_Request2 is vulnerable prior to version 2.7.0. The issue arises because multiple files in the tests directory, notably tests/_network/getparameters.php and tests/_network/postparameters.php, reflect any GET or POST parameters, leading to Cross-Site Scripting (XSS). The root cause is inp...
CVE-2025-43717
In PEAR HTTPRequest2 before 2.7.0, multiple files in the tests directory, notably tests/network/getparameters.php and tests/network/postparameters.php, reflect any GET or POST parameters, leading to XSS...
CVE-2022-43717
creationtimestamp| type| source ---|---|--- 2025-04-04 14:36:09+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/10461...
CVE-2024-43717 Adobe Experience Manager | Improper Access Control (CWE-284)
Adobe Experience Manager versions 6.5.21 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on confidentiality...
CVE-2024-43717 Adobe Experience Manager | Improper Access Control (CWE-284)
Adobe Experience Manager versions 6.5.21 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on confidentiality...
CVE-2023-43717
creationtimestamp| type| source ---|---|--- 2023-10-01 02:39:07+00:00| seen| https://t.me/cibsecurity/71369...
CVE-2023-43717 Os Commerce 4.12.56860 - Cross Site Scripting Reflected (XSS)
Os Commerce is currently susceptible to a Cross-Site Scripting XSS vulnerability. This vulnerability allows attackers to inject JS through the "MSEARCHHIGHLIGHTENABLETITLE1" parameter, potentially leading to unauthorized execution of scripts within a user's web browser...
CVE-2023-43717
OsCommerce (4.x era) has a Cross-Site Scripting (XSS) vulnerability in the MSEARCH_HIGHLIGHT_ENABLE_TITLE[1] parameter, allowing injected JavaScript to run in a user’s browser. Sources across NVD/NVD mirror entries describe the flaw but do not specify a fixed patch/version. The provided documents...
CVE-2022-43717
CVE-2022-43717 affects Apache Superset: dashboard rendering does not sufficiently sanitize Markdown content, enabling possible XSS by authenticated users with create dashboard permissions. Documented impact covers Superset versions 1.5.2 and earlier, and 2.0.0 (per CVE sources and related advisor...
CVE-2022-43717 Apache Superset: Cross-Site Scripting on dashboards
Dashboard rendering does not sufficiently sanitize the content of markdown components leading to possible XSS attack vectors that can be performed by authenticated users with create dashboard permissions. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0...