Enpass Password Manager 安全漏洞

Enpass Password Manager is a cross-platform offline password manager from Enpass. A security vulnerability exists in Enpass Password Manager version 6.9.2, which stems from an HTML injection vulnerability that allows an attacker to run arbitrary HTML code by creating carefully crafted comments...

Moodle allows remote authenticated users to cause a denial of service (invalid database records)

Moodle 2.0.x before 2.0.3 allows remote authenticated users to cause a denial of service invalid database records via a series of crafted comments operations...

CVE-2021-33829

A cross-site scripting XSS vulnerability in the HTML Data Processor in CKEditor 4 4.14.0 through 4.16.x before 4.16.1 allows remote attackers to inject executable JavaScript code through a crafted comment because --! is mishandled...

CKEditor 跨站脚本漏洞

CKEditor is an open source, web-based text editor. CKEditor suffers from a cross-site scripting vulnerability that stems from improper handling of input data in the HTML data processor. A remote attacker can inject executable JavaScript code via a crafted comment. The following products and model...

The vulnerability of the eDocLib platform for storing and processing corporate data arises from the lack of measures taken to protect the website structure. This vulnerability allows attackers to carry out cross-site scripting attacks.

The vulnerability of the eDocLib platform for storing and processing corporate data exists due to the lack of measures taken to protect its web page structure. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary code in the user’s browser by creating a...

Atlassian Jira gajira-create code execution vulnerability

Atlassian Jira is a defect tracking management system from Atlassian Australia. The system is used to track and manage all types of issues and defects in the workplace. gajira-comment is a Jira plugin for configuring Jira comment operations. Atlassian gajira-create A security vulnerability exists...

CVE-2011-4292

Moodle 2.0.x before 2.0.3 allows remote authenticated users to cause a denial of service invalid database records via a series of crafted comments operations...

CVE-2011-4292

Moodle 2.0.x before 2.0.3 allows remote authenticated users to cause a denial of service invalid database records via a series of crafted comments operations...

Code injection

Moodle 2.0.x before 2.0.3 allows remote authenticated users to cause a denial of service invalid database records via a series of crafted comments operations...

CVE-2011-4292

Moodle 2.0.x before 2.0.3 allows remote authenticated users to cause a denial of service invalid database records via a series of crafted comments operations...