63 matches found
CVE-2019-14840
A flaw was found in the RHDM, where sensitive HTML form fields like Password has auto-complete enabled which may lead to leak of credentials...
Default credentials
A flaw was found in the RHDM, where sensitive HTML form fields like Password has auto-complete enabled which may lead to leak of credentials...
CVE-2019-14840
A flaw was found in the RHDM, where sensitive HTML form fields like Password has auto-complete enabled which may lead to leak of credentials...
PT-2022-8095 · Red Hat · Red Hat Decision Manager
Name of the Vulnerable Software and Affected Versions: Red Hat Decision Manager RHDM affected versions not specified Description: A flaw was found in the RHDM, where sensitive HTML form fields like password have auto-complete enabled, which may lead to a leak of credentials. Recommendations: At t...
CVE-2019-14840
A flaw was found in the RHDM, where sensitive HTML form fields like Password has auto-complete enabled which may lead to leak of credentials...
IBM Cognos Analytics 安全漏洞
IBM Cognos Analytics is a suite of business intelligence software from IBM in the United States. The software includes reports, dashboards, and scorecards, and can assist organizations in adjusting their decision-making by analyzing such things as key factors and key people. A security...
GHSA-6G7X-4C7M-G63M Review Board Cross-site scripting (XSS) vulnerability in the reviews dropdown
Cross-site scripting XSS vulnerability in the auto-complete widget in htdocs/media/rb/js/reviews.js in Review Board 1.6.x before 1.6.17 and 1.7.x before 1.7.10 allows remote attackers to inject arbitrary web script or HTML via a full name...
Review Board Cross-site scripting (XSS) vulnerability in the reviews dropdown
Cross-site scripting XSS vulnerability in the auto-complete widget in htdocs/media/rb/js/reviews.js in Review Board 1.6.x before 1.6.17 and 1.7.x before 1.7.10 allows remote attackers to inject arbitrary web script or HTML via a full name...
CVE-2021-39876
In all versions of GitLab CE/EE since version 11.3, the endpoint for auto-completing Assignee discloses the members of private groups...
CVE-2021-39876
In all versions of GitLab CE/EE since version 11.3, the endpoint for auto-completing Assignee discloses the members of private groups...
CVE-2021-39876
CVE-2021-39876 affects GitLab CE/EE starting from version 11.3, where the autocomplete endpoint for Assignee discloses members of private groups. The root cause is an information-disclosure flaw in the Assignee autocomplete functionality, enabling partial confidentiality breach. Impact stated in ...
Nuclei-Burp-Plugin - Nuclei Plugin For BurpSuite
A BurpSuite plugin intended to help with nuclei template generation. Features Template matcher generation Word and Binary matcher creation using selected response snippets from Proxy history or Repeater contexts Multi-line selections are split to separate words for readability Binary matchers are...
IBM Cognos Analytics 授权问题漏洞
IBM Cognos Analytics is a suite of business intelligence software from IBM in the United States. The software includes reports, dashboards, and scorecards, and can assist companies in adjusting their decisions by analyzing such things as key factors and key people. An authorization issue...
Cross site scripting
Redmine 4.1.x before 4.1.2 allows XSS because an issue's subject is mishandled in the auto complete tip...
CVE-2021-29274
Redmine 4.1.x before 4.1.2 allows XSS because an issue's subject is mishandled in the auto complete tip...
CVE-2021-29274
Redmine 4.1.x before 4.1.2 allows XSS because an issue's subject is mishandled in the auto complete tip...
CVE-2019-14840
A flaw was found in the RHDM, where sensitive HTML form fields like Password has auto-complete enabled which may lead to leak of credentials...
Firefly III Cross-Site Scripting Vulnerability (CNVD-2020-59725)
Firefly III is a free, open source, self-hosted personal finance manager. A cross-site scripting vulnerability exists in the auto-complete feature of the description field in Firefly III versions prior to 5.4.5. An attacker can exploit the vulnerability to execute JavaScript via the suggested...
Unspecified Vulnerability in Apple iOS and iPadOS Messages Composition Component
Apple iOS and Apple iPadOS are both products of Apple Inc. Apple iOS is an operating system developed for mobile devices. apple iPadOS is an operating system for iPad tablets. messages Composition is one of the message editing components. A security vulnerability exists in the Messages Compositio...
One-Lin3r v2.1 - Gives You One-Liners That Aids In Penetration Testing Operations, Privilege Escalation And More
One-Lin3r is simple modular and light-weight framework gives you all the one-liners that you will need while penetration testing Windows, Linux, macOS or even BSD systems or hacking generally with a lot of new features to make all of this fully automated ex: you won't even need to copy the...