PT-2024-5143 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions prior to 16.9.6 GitLab CE/EE versions 16.10 through 16.10.3 GitLab CE/EE versions 16.11 through 16.11.0 Description: The issue is related to insufficient access control in the Email Address Handler component of GitLab,...

CVE-2023-3843

A vulnerability was found in mooSocial mooDating 1.2. It has been classified as problematic. Affected is an unknown function of the file /matchmakings/question of the component URL Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. VDB-235194 is...

PT-2023-26470 · Unknown · Moosocial Moodating

Name of the Vulnerable Software and Affected Versions: mooSocial mooDating version 1.2 Description: A problematic issue was found in the URL Handler component, specifically affecting an unknown function of the file /find-a-match. This issue leads to cross-site scripting and can be exploited...

SUSE CVE-2008-4690

lynx 2.8.6dev.15 and earlier, when advanced mode is enabled and lynx is configured as a URL handler, allows remote attackers to execute arbitrary commands via a crafted lynxcgi: URL, a related issue to CVE-2005-2929. NOTE: this might only be a vulnerability in limited deployments that have define...

CVE-2021-38112

In the Amazon AWS WorkSpaces client 3.0.10 through 3.1.8 on Windows, argument injection in the workspaces:// URI handler can lead to remote code execution because of the Chromium Embedded Framework CEF --gpu-launcher argument. This is fixed in 3.1.9...