14 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-44272
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A cross-site scripting vulnerability exists in Citadel versions prior to 994. When a malicious user sends an instant message with some JavaScript code, the scri...
CVE-2023-44272
A cross-site scripting vulnerability exists in Citadel versions prior to 994. When a malicious user sends an instant message with some JavaScript code, the script may be executed on the web browser of the victim user...
Cross site scripting
A cross-site scripting vulnerability exists in Citadel versions prior to 994. When a malicious user sends an instant message with some JavaScript code, the script may be executed on the web browser of the victim user...
CVE-2023-44272
A cross-site scripting vulnerability exists in Citadel WebCit prior to version 994. When a malicious user sends an instant message containing JavaScript, the script can execute in the web browser of the victim user. This vulnerability affects Citadel WebCit (Citadel) as described in multiple sour...
CVE-2023-44272
Removed by vendor...
Citadel WebCit vulnerable to cross-site scripting on Instant Messaging facility
Overview: Citadel WebCit provided by Citadel contains a cross-site scripting vulnerability (CWE-79). Tomoro Taniguchi of FiveDrive, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact: When a malicious user sen...
Citadel Cross-Site Scripting Vulnerability
Citadel is an asset management software from Citadel, Inc. in the United States. A security vulnerability exists in versions prior to Citadel 994 that stems from the presence of a cross-site scripting XSS vulnerability...
PT-2023-29182 · Citadel · Citadel
Name of the Vulnerable Software and Affected Versions: Citadel versions prior to 994 Description: A cross-site scripting issue exists. When a malicious user sends an instant message with some JavaScript code, the script may be executed on the web browser of the victim user. Recommendations: For...
JVN#08237727: Citadel WebCit vulnerable to cross-site scripting on Instant Messaging facility
Citadel WebCit provided by Citadel contains a cross-site scripting vulnerability (CWE-79). Impact: When a malicious user sends an instant message with some JavaScript code, the script may be executed on the web browser of the victim user. Solution: Update the software. Update the software to the lates...
Ubuntu 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : libhx vulnerability (USN-994-1)
It was discovered that libHX incorrectly handled certain parameters to the HXsplit function. An attacker could use this flaw to cause a denial of service or possibly execute arbitrary code with the privileges of the user. The default compiler options for affected releases should reduce the...
Ubuntu: Security Advisory (USN-994-1)
The remote host is missing an update for the...
SuSE 11 Security Update : Perl (SAT Patch Number 994)
A buffer overflow in perl, in the base Compress::Raw::Zlib perl module, has been fixed (CVE-2009-1391). Additionally, three non-security bugs were fixed. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update...
Debian Security Advisory DSA 994-1 (freeciv)
The remote host is missing an update to freeciv announced via advisory DSA 994-1. Luigi Auriemma discovered a denial of service condition in the free Civilization server that allows a remote user to trigger a server crash. The old stable distribution woody is not affected by this problem. OpenVAS...
Debian DSA-994-1 : freeciv - denial of service
Luigi Auriemma discovered a denial of service condition in the free Civilization server that allows a remote user to trigger a server crash. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory...