Security Bulletin: rustix-0.37.20.crate, rustix-0.38.14.crate and rustix-0.38.2.crate is vulnerable to WS-2023-0366 used in IBM Maximo Application Suite - Edge Data Collector

Summary IBM Maximo Application Suite - Edge Data Collector uses rustix-0.37.20.crate, rustix-0.38.14.crate and rustix-0.38.2.crate which is vulnerable to WS-2023-0366 Vulnerability Details IBM X-Force ID: 269579 DESCRIPTION: Bytecode Alliance rustix is vulnerable to a denial of service, caused by...

CVE-2023-0366

creationtimestamp| type| source ---|---|--- 2023-02-21 12:21:48+00:00| seen| https://t.me/cibsecurity/58587...

CVE-2023-0366

The Loan Comparison WordPress plugin before 1.5.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVE-2023-0366

The CVE-2023-0366 entry concerns the Loan Comparison WordPress plugin (versions prior to 1.5.3). The issue is that the plugin does not validate and escape some shortcode attributes before outputting them in a post/page, enabling Stored XSS when a user with the contributor role or higher renders t...

CVE-2023-0366 Loan Comparison < 1.5.3 - Contributor+ Stored XSS via shortcode

The Loan Comparison WordPress plugin before 1.5.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

WordPress Loan Comparison Plugin < 1.5.3 is vulnerable to Cross Site Scripting (XSS)

Software Loan Comparison Type Plugin Vulnerable versions 1.5.3 Fixed in 1.5.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0366 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID bb76fde3b4ac Credits István Márton Requir...