58 matches found
MINI-5968-CGHP-2FGW
Bulletin has no description...
MINI-62WG-HC95-5968
Bulletin has no description...
ECHO-5968-ECB0-CBEF
Bulletin has no description...
CVE-2024-5968
The Photo Gallery by 10Web WordPress plugin before 1.8.28 does not properly sanitise and escape some of its Gallery settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed for example in...
CVE-2019-5968
Cross-site request forgery (CSRF) vulnerability in GROWI v3.4.6 and earlier allows remote attackers to hijack the authentication of administrators via updating user's 'Basic Info'...
CVE-2024-5968
creationtimestamp | type | source
---|---|---
2024-10-09 08:57:24+00:00 | seen | https://t.me/cvedetector/7433...
CVE-2024-5968 Photo Gallery by 10Web <= 1.8.27 - Admin+ Stored XSS
The Photo Gallery by 10Web WordPress plugin before 1.8.28 does not properly sanitise and escape some of its Gallery settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed for example in...
CGA-CFM2-89CM-5968
Bulletin has no description...
CGA-8JWW-5968-HV59
Bulletin has no description...
Mattermost Server < 7.8.12 / 8.0.x < 8.0.4 / 8.1.x < 8.1.3 / 9.0.0 Multiple Vulnerabilities (MMSA-2023-00240) (MMSA-2023-00242) (MMSA-2023-00246)
The version of Mattermost Server running on the remote host is prior to 7.8.12, 8.0.x prior to 8.0.3, 8.1.x prior to 8.1.3 or 9.0.0. It is, therefore, affected by multiple vulnerabilities: - Mattermost fails to properly validate requests to the Calls plugin, allowing an attacker sending a request...
CVE-2023-5968
Mattermost fails to properly sanitize the user object when updating the username, resulting in the password hash being included in the response body...
CVE-2023-5968
Mattermost: CVE-2023-5968 is a vulnerability where the server fails to properly sanitize the user object during username updates, causing the password hash to be included in the response body. Affected data exposure is limited to the password hash disclosure in responses per the available documen...
CVE-2023-5968 Password hash in response body after username update
Mattermost fails to properly sanitize the user object when updating the username, resulting in the password hash being included in the response body...
U.S. Dept Of Defense: DOM-XSS
A DOM-XSS vulnerability was found on a subdomain of a website, which could allow an attacker with access to the Siteminder CA to perform a cross-site scripting attack and cause information leaks, privilege escalation, and/or denial of service. The vulnerability was assigned CVE-2013-5968 and a...
crosscountryroads.com Cross Site Scripting vulnerability OBB-3301602
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Security Bulletin: Multiple vulnerabilities within Jackson JSON library affect IBM Business Automation Workflow (CVE-2017-17485, CVE-2018-5968, CVE-2018-7489)
Summary Multiple security vulnerabilities have been reported for Jackson JSON library that is used by IBM Business Automation Workflow. Vulnerability Details CVEID: CVE-2018-7489 DESCRIPTION: FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused ...
Security Bulletin: IBM InfoSphere Change Data Capture is affected by a Jackson 2.3.3 and 2.4.4 open source library vulnerabilities
Summary IBM Data Replication has addressed the following vulnerabilities: CVE-2017-17485 CVE-2018-5968 CVE-2017-15095 CVE-2017-7525 CVE-2018-7489 Vulnerability Details CVEID: CVE-2017-17485 DESCRIPTION: Jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused...
Security Bulletin: Security vulnerabilities affect multiple IBM Rational products based on IBM Jazz technology
Summary Multiple security vulnerabilities affect components used by the following products that may affect those products: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC), Rational Quality Manager...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2020-5968)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-5968 advisory. - crypto: authenc - fix parsing key with misaligned rtalen Eric Biggers Orabug: 31535530 CVE-2020-10769 Tenable has extracted the preceding description bloc...