7703 matches found
CVE-2025-56379
A stored cross-site scripting (XSS) vulnerability in the blog post feature of ERPNEXT v15.67.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the content field...
ERPNext Cross-Site Scripting Vulnerability
ERPNext is an open source enterprise resource planning solution from ERPNext India. A cross-site scripting vulnerability exists in ERPNext version v15.67.0, which stems from improper sanitization of content field inputs by the blog post feature and can be exploited by an attacker to cause a stored...
CVE-2025-56379
A stored cross-site scripting (XSS) vulnerability in the blog post feature of ERPNEXT v15.67.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the content field...
PT-2025-40352
Name of the Vulnerable Software and Affected Versions: ERPNEXT version 15.67.0. Description: A stored cross-site scripting (XSS) issue exists in the blog post feature. An attacker can inject a crafted payload into the content field, potentially leading to the execution of arbitrary web scripts or HTML...
CVE-2025-56379
CVE-2025-56379: A stored XSS in ERPNext v15.67.0 blog module (Frappe v15.72.4) via the blog post content field. An authenticated user who can create/edit posts can inject crafted HTML/JS; payload is stored and can execute in other users’ browsers viewing the post. Affected components: ERPNext Blo...
The Power of Data Observability: Your Edge in a Fast-Changing World
...
How to Use Passkeys With Google Password Manager (2025)
Google can create and manage passkeys from your browser, but the process is more involved than it suggests...
Tips for Merging Large PDF Files Online
As more businesses rely on digital documents today, effective large file management has also become necessary. PDFs are…...
Dutch Teens Arrested Over Alleged Spying for Pro-Russian Hackers
Dutch authorities arrest two teens recruited by pro-Russian hackers for spying missions. Learn how Russia is using disposable agents for sabotage across Europe...
ThreatBook Launches Best-of-Breed Advanced Threat Intelligence Solution
Singapore, Singapore, 29th September 2025, CyberNewsWire...
ThriveX-Blog Security Vulnerability
ThriveX-Blog is a blog management system by the individual developer LiuYuYang01. A security vulnerability exists in ThriveX-Blog versions 2.5.9 through 3.1.3, which originates from the unauthenticated /api/assistant/list endpoint and could lead to the disclosure of sensitive information...
Friday Squid Blogging: Jigging for Squid
A nice story...
CVE-2025-57990
Missing Authorization vulnerability in solwininfotech Blog Designer (blog-designer) allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Blog Designer: from n/a through <= 3.1.8...
Cloudflare Blocks Record 22.2 Tbps DDoS Attack
Cloudflare stopped a record 22.2 Tbps DDoS attack, showing how massive these threats have become and why strong DDoS attack protection is essential...
10 Evaluation Points for Your App Platform on Kubernetes
...
CVE-2025-57990
Missing Authorization vulnerability in solwininfotech Blog Designer (blog-designer) allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Blog Designer: from n/a through <= 3.1.8...
WordPress Blog Designer Plugin <= 3.1.8 - Broken Access Control Vulnerability
Broken Access Control Vulnerability discovered by Trương Hữu Phúc (truonghuuphuc) in WordPress Plugin Blog Designer versions <= 3.1.8...
CVE-2025-57990
CVE-2025-57990 (Blog Designer) is a Missing Authorization vulnerability in the WordPress Blog Designer plugin. Affected versions are
CVE-2025-57990 WordPress Blog Designer Plugin <= 3.1.8 - Broken Access Control Vulnerability
Missing Authorization vulnerability in solwininfotech Blog Designer (blog-designer) allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Blog Designer: from n/a through <= 3.1.8...
CVE-2025-57990 WordPress Blog Designer Plugin <= 3.1.8 - Broken Access Control Vulnerability
Missing Authorization vulnerability in solwininfotech Blog Designer allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Blog Designer: from n/a through 3.1.8...