4 matches found
CVE-2023-42509
JFrog Artifactory later than version 7.17.4 but prior to version 7.77.0 is vulnerable to an issue whereby a sequence of improperly handled exceptions in repository configuration initialization steps may lead to exposure of sensitive data...
GHSA-CFXH-FRX4-9GJG Cross-site Scripting in @spscommerce/ds-react
Impact XSS, anyone using the SPS Select with options prop populated from user input is impacted. If these options are stored, then it could have been a stored XSS. Patches The code has been patched for version 7 of woodland. Users should upgrade to 7.17.4 or higher Workarounds This is not...
Atlassian Confluence Command Injection (CONFSERVER-79016)
According to its self-reported version number, the Atlassian Confluence running on the remote host is affected by a command injection vulnerability. A remote, unauthenticated attacker can use this to execute arbitrary code. Note that Nessus has not tested for this issue but has instead relied onl...
Atlassian Confluence Server OGNL injection
Added: 06/06/2022 Background Atlassian Confluence is a collaboration and knowledge management application. Problem Atlassian Confluence has an OGNL injection vulnerability that could allow an unauthenticated user to execute arbitrary code on a Confluence Server. Resolution Upgrade to Confluence...