32 matches found
OPENSUSE-SU-2026:21045-1 Security update for perl-libwww-perl
This update for perl-libwww-perl fixes the following issue - CVE-2026-8368: authorization and proxy-authorization headers are leaked on cross-origin redirects bsc1265156...
CVE-2026-8368 affecting package perl-libwww-perl for versions less than 6.83-1
CVE-2026-8368 affecting package perl-libwww-perl for versions less than 6.83-1. An upgraded version of the package is available that resolves this issue...
Fedora 43 : perl-libwww-perl (2026-3b48ba7dc7)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-3b48ba7dc7 advisory. Changes: 6.83 2026-05-12 11:41:48Z - LWP::UserAgent now strips Authorization and Proxy-Authorization headers on cross-origin redirects a different scheme,...
perl-libwww-perl-6.830.0-1.1 on GA media (moderate)
perl-libwww-perl-6.830.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10781-1 Rating: moderate Cross-References: CVE-2026-8368 CVSS scores: CVE-2026-8368 SUSE : 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-8368 SUSE : 6...
CVE-2026-8368
LWP::UserAgent versions before 6.83 for Perl leak Authorization and Proxy-Authorization headers on cross-origin redirects. On a 3xx response, the redirect handler strips only Host and Cookie before issuing the follow-up request. Caller-supplied Authorization and Proxy-Authorization headers are se...
CVE-2026-8368
LWP::UserAgent versions before 6.83 for Perl leak Authorization and Proxy-Authorization headers on cross-origin redirects. On a 3xx response, the redirect handler strips only Host and Cookie before issuing the follow-up request. Caller-supplied Authorization and Proxy-Authorization headers are se...
MAL-2025-8368 Malicious code in @leaffm/automatically-gen-script (npm)
The package @leaffm/automatically-gen-script was found to contain malicious code...
CVE-2025-8368
creationtimestamp| type| source ---|---|--- 2025-07-31 07:52:17+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lvanptdwil2p...
CVE-2025-8368
A vulnerability classified as problematic was found in Portabilis i-Educar 2.9. This vulnerability affects unknown code of the file /intranet/pesquisapessoalst.php. The manipulation of the argument campobusca/cpf leads to cross site scripting. The attack can be initiated remotely. The exploit has...
CVE-2025-8368 Portabilis i-Educar pesquisa_pessoa_lst.php cross site scripting
A vulnerability classified as problematic was found in Portabilis i-Educar 2.9. This vulnerability affects unknown code of the file /intranet/pesquisapessoalst.php. The manipulation of the argument campobusca/cpf leads to cross site scripting. The attack can be initiated remotely. The exploit has...
CVE-2025-8368 Portabilis i-Educar pesquisa_pessoa_lst.php cross site scripting
A vulnerability classified as problematic was found in Portabilis i-Educar 2.9. This vulnerability affects unknown code of the file /intranet/pesquisapessoalst.php. The manipulation of the argument campobusca/cpf leads to cross site scripting. The attack can be initiated remotely. The exploit has...
CVE-2025-8368
CVE-2025-8368 affects Portabilis i-Educar 2.9. The vulnerability is a reflected cross-site scripting in the file /intranet/pesquisa_pessoa_lst.php, caused by manipulation of the argument campo_busca/cpf. It can be triggered remotely and, per the sources, the exploit has been publicly disclosed. M...
CVE-2019-8368
OpenEMR v5.0.1-6 allows XSS...
CVE-2024-8368
A vulnerability was found in code-projects Hospital Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file index.php of the component Login. The manipulation of the argument username leads to sql injection. The attack may be launched...
CVE-2024-8368
creationtimestamp| type| source ---|---|--- 2024-09-01 07:46:00+00:00| seen| https://t.me/cvedetector/4581...
CVE-2024-8368
The CVE-2024-8368 entry concerns code-projects Hospital Management System version 1.0, where the Login index.php component is vulnerable to SQL injection via the username parameter. This flaw could be exploited remotely and has been publicly disclosed. Root cause is an SQL injection in the handli...
CVE-2024-8368 code-projects Hospital Management System Login index.php sql injection
A vulnerability was found in code-projects Hospital Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file index.php of the component Login. The manipulation of the argument username leads to sql injection. The attack may be launched...
CVE-2024-8368 code-projects Hospital Management System Login index.php sql injection
A vulnerability was found in code-projects Hospital Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file index.php of the component Login. The manipulation of the argument username leads to sql injection. The attack may be launched...
Mitsubishi Electric MELSEC-Q QJ71E71 series Improper Synchronization (CVE-2016-8368)
An issue was discovered in Mitsubishi Electric Automation MELSEC-Q series Ethernet interface modules QJ71E71-100, all versions, QJ71E71-B5, all versions, and QJ71E71-B2, all versions. The affected Ethernet interface module is connected to a MELSEC-Q PLC, which may allow a remote attacker to conne...
CVE-2020-8368
...