63 matches found
LimeSurvey < 6.6.2-240827 SQLi Vulnerability
LimeSurvey is prone to an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:limesurvey:limesurvey...
PT-2024-37971
Name of the Vulnerable Software and Affected Versions LimeSurvey version 6.5.14-240624 Description A critical issue has been found, affecting the function actionUpdateSurveyLocaleSettingsGeneralSettings of the component Survey General Settings Handler, located in the file...
LimeSurvey < 6.5.14 CSRF Vulnerability
LimeSurvey is prone to a cross-site request forgery CSRF vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Adobe Experience Manager cross-site scripting vulnerability (CNVD-2023-00009)
Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...
CVE-2022-44510
CVE-2022-44510 describes a reflected XSS in Adobe Experience Manager (AEM) versions 6.5.14 and earlier, where a low-privileged attacker lures a victim to a vulnerable URL to execute malicious JavaScript in the victim’s browser. The issue affects AEM’s web context via a vulnerable page reference; ...
CVE-2022-44510 AEM Reflected XSS Arbitrary code execution
Adobe Experience Manager version 6.5.14 and earlier is affected by a reflected Cross-Site Scripting XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...
CVE-2022-42352 AEM Reflected XSS Arbitrary code execution
Adobe Experience Manager version 6.5.14 and earlier is affected by a reflected Cross-Site Scripting XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...
CVE-2022-42356 AEM Reflected XSS Arbitrary code execution
Adobe Experience Manager version 6.5.14 and earlier is affected by a reflected Cross-Site Scripting XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...
CVE-2022-42365 AEM Reflected XSS Arbitrary code execution
Adobe Experience Manager version 6.5.14 and earlier is affected by a reflected Cross-Site Scripting XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...
CVE-2022-44466 AEM Reflected XSS Arbitrary code execution
Adobe Experience Manager version 6.5.14 and earlier is affected by a reflected Cross-Site Scripting XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...
CVE-2022-44470 AEM Reflected XSS Arbitrary code execution
Adobe Experience Manager version 6.5.14 and earlier is affected by a reflected Cross-Site Scripting XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...
CVE-2022-42348 AEM Reflected XSS Arbitrary code execution
Adobe Experience Manager version 6.5.14 and earlier is affected by a reflected Cross-Site Scripting XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...
CVE-2022-42356
Adobe Experience Manager (AEM) 6.5.14 and earlier is affected by a reflected cross-site scripting (XSS) vulnerability. A low-privilege attacker can lure a victim to a vulnerable URL, causing malicious JavaScript to execute in the victim’s browser. The CVSS v3.1 base score is 5.4 (Medium). Remedia...
CVE-2022-35693 AEM Reflected XSS Arbitrary code execution
Adobe Experience Manager version 6.5.14 and earlier is affected by a reflected Cross-Site Scripting XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...
CVE-2022-44470
CVE-2022-44470 affects Adobe Experience Manager (AEM) 6.5.14 and earlier. It is a reflected Cross-Site Scripting (XSS) vulnerability: if a low-privileged user is induced to visit a URL referencing a vulnerable page, a victim’s browser may execute malicious JavaScript. The issue is explicitly desc...
CVE-2022-42357 AEM Reflected XSS Arbitrary code execution
Adobe Experience Manager version 6.5.14 and earlier is affected by a reflected Cross-Site Scripting XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...
CVE-2022-44463 AEM Reflected XSS Arbitrary code execution
Adobe Experience Manager version 6.5.14 and earlier is affected by a reflected Cross-Site Scripting XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...
CVE-2022-42346 AEM Reflected XSS Arbitrary code execution
Adobe Experience Manager version 6.5.14 and earlier is affected by a reflected Cross-Site Scripting XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...
CVE-2022-44467 AEM Reflected XSS Arbitrary code execution
Adobe Experience Manager version 6.5.14 and earlier is affected by a reflected Cross-Site Scripting XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...
CVE-2022-35695 AEM Reflected XSS Arbitrary code execution
Adobe Experience Manager version 6.5.14 and earlier is affected by a reflected Cross-Site Scripting XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...