CVE-2025-8664

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Saysis Computer Systems Trade Ltd. Co. StarCities E-Municipality Management allows Cross-Site Scripting XSS.This issue affects StarCities E-Municipality Management: before 20250825...

CVE-2024-8664

The WP Test Email plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.1.7. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages...

CVE-2019-8664

An input validation issue was addressed with improved input validation. This issue is fixed in iOS 12.3, watchOS 5.2.1. Processing a maliciously crafted message may lead to a denial of service...

CVE-2024-8664

creationtimestamp| type| source ---|---|--- 2024-09-13 09:35:54+00:00| seen| https://t.me/cvedetector/5557...

CVE-2024-8664 WP Test Email <= 1.1.7 - Reflected Cross-Site Scripting

The WP Test Email plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.1.7. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages...

CVE-2024-8664 WP Test Email <= 1.1.7 - Reflected Cross-Site Scripting

The WP Test Email plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.1.7. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages...

WordPress WP Test Email Plugin <= 1.1.7 is vulnerable to Cross Site Scripting (XSS)

Software WP Test Email Type Plugin Vulnerable versions = 1.1.7 Fixed in 1.1.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8664 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ea820c9f43d1 Credits vgo0 Required...

CVE-2023-48115

SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored DOM XSS because an XSS protection mechanism is skipped when messageHTML and messagePlainText are set in the same request...

CVE-2023-48116

SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored XSS via a crafted description of a Calendar appointment...

Cross site scripting

SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored XSS via a crafted description of a Calendar appointment...

PT-2023-30705 · Smartertools · Smartermail

Name of the Vulnerable Software and Affected Versions: SmarterTools SmarterMail versions 8495 through 8664 Description: The issue allows stored XSS via a crafted description of a Calendar appointment. Recommendations: For versions 8495 through 8664, update to version 8747 or later to resolve the...

SmarterTools SmarterMail Security Breach

SmarterTools SmarterMail is a set of mail server software from SmarterTools. The software supports spam filtering, statistics, Simple Mail Transfer Protocol SMTP authentication, and other features. A security vulnerability exists in SmarterTools SmarterMail versions 8495 through 8664, which stems...

SmarterTools SmarterMail Security Breach

SmarterTools SmarterMail is a set of mail server software from SmarterTools. The software supports spam filtering, statistics, simple mail transfer protocol SMTP authentication, and other features. A security vulnerability exists in SmarterTools SmarterMail versions 8495 through 8664, which stems...

PT-2023-30704 · Smartertools · Smartermail

Name of the Vulnerable Software and Affected Versions: SmarterTools SmarterMail versions 8495 through 8664 before 8747 Description: The issue allows stored DOM XSS because an XSS protection mechanism is skipped when messageHTML and messagePlainText are set in the same request. Recommendations: Fo...

SmarterTools SmarterMail Security Breach

SmarterTools SmarterMail is a set of mail server software from SmarterTools. The software supports spam filtering, statistics, Simple Mail Transfer Protocol SMTP authentication, and other features. A security vulnerability exists in SmarterTools SmarterMail versions 8495 through 8664, which stems...

PT-2023-30703 · Smartertools · Smartermail

Name of the Vulnerable Software and Affected Versions: SmarterTools SmarterMail versions 8495 through 8664 Description: The issue allows stored XSS by using image/svg+xml and an uploaded SVG document. This occurs because the application tries to allow youtube.com URLs, but actually allows...

CVE-2019-8664

An input validation issue was addressed with improved input validation. This issue is fixed in iOS 12.3, watchOS 5.2.1. Processing a maliciously crafted message may lead to a denial of service...

CVE-2019-8664

CVE-2019-8664 corresponds to an input validation vulnerability in Apple's iMessage/Messages framework that could allow a remote attacker to cause a denial of service by forwarding or sending a malicious message. Apple fixed this in iOS 12.3 and watchOS 5.2.1; the vulnerability is described as a m...

About the security content of watchOS 5.2.1 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...

Photon OS 1.0: Envoy PHSA-2020-1.0-0290

An update of the envoy package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-1.0-0290. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid136105...