CVE-2022-29455

DOM-based Reflected Cross-Site Scripting XSS vulnerability in Elementor's Elementor Website Builder plugin = 3.5.5 versions...

CVE-2022-29455

DOM-based Reflected Cross-Site Scripting XSS vulnerability in Elementor's Elementor Website Builder plugin = 3.5.5 versions...

Cross site scripting

DOM-based Reflected Cross-Site Scripting XSS vulnerability in Elementor's Elementor Website Builder plugin = 3.5.5 versions...

CVE-2022-29455 WordPress Elementor plugin <= 3.5.5 - Unauthenticated DOM-based Reflected Cross-Site Scripting (XSS) vulnerability

DOM-based Reflected Cross-Site Scripting XSS vulnerability in Elementor's Elementor Website Builder plugin = 3.5.5 versions...

PT-2022-3505 · Elementor · Elementor Website Builder

Name of the Vulnerable Software and Affected Versions: Elementor Website Builder plugin versions prior to 3.5.6 Description: The issue is related to insufficient protection of the webpage structure, allowing a remote attacker to perform cross-site scripting. This is a DOM-based Reflected Cross-Si...

CVE-2022-2029

Cross-site Scripting XSS - DOM in GitHub repository kromitgmbh/titra prior to 0.77.0...

GHSA-39CH-RG26-GMQ5 Magento DOM-based Cross-Site Scripting vulnerability on mage-messages cookies

Magento versions 2.4.2 and earlier, 2.4.1-p1 and earlier and 2.3.6-p1 and earlier are affected by a DOM-based Cross-Site Scripting vulnerability on mage-messages cookies. Successful exploitation could lead to arbitrary JavaScript execution by an unauthenticated attacker. User interaction is...

Magento DOM-based Cross-Site Scripting vulnerability on mage-messages cookies

Magento versions 2.4.2 and earlier, 2.4.1-p1 and earlier and 2.3.6-p1 and earlier are affected by a DOM-based Cross-Site Scripting vulnerability on mage-messages cookies. Successful exploitation could lead to arbitrary JavaScript execution by an unauthenticated attacker. User interaction is...

GHSA-G7PC-799Q-743F Magento DOM-based Cross-site scripting vulnerability

Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a dom-based cross-site scripting vulnerability. Successful exploitation could lead to arbitrary code execution...

CVE-2022-29182

GoCD is a continuous delivery server. GoCD versions 19.11.0 through 21.4.0 inclusive are vulnerable to a Document Object Model DOM-based cross-site scripting attack via a pipeline run's Stage Details Graphs tab. It is possible for a malicious script on a attacker-hosted site to execute script tha...

Cross site scripting

GoCD is a continuous delivery server. GoCD versions 19.11.0 through 21.4.0 inclusive are vulnerable to a Document Object Model DOM-based cross-site scripting attack via a pipeline run's Stage Details Graphs tab. It is possible for a malicious script on a attacker-hosted site to execute script tha...

CVE-2022-29182 DOM-based XSS in GoCD

GoCD is a continuous delivery server. GoCD versions 19.11.0 through 21.4.0 inclusive are vulnerable to a Document Object Model DOM-based cross-site scripting attack via a pipeline run's Stage Details Graphs tab. It is possible for a malicious script on a attacker-hosted site to execute script tha...

CVE-2022-29182

GoCD versions 19.11.0–21.4.0 are vulnerable to a DOM-based XSS in the Stage Details &gt; Graphs tab. An attacker-hosted page can abuse the messaging channel between the parent page and the stage-graphs iframe to execute script in the user’s browser context, potentially exfiltrating session cookie...

CVE-2022-29182 DOM-based XSS in GoCD

GoCD is a continuous delivery server. GoCD versions 19.11.0 through 21.4.0 inclusive are vulnerable to a Document Object Model DOM-based cross-site scripting attack via a pipeline run's Stage Details Graphs tab. It is possible for a malicious script on a attacker-hosted site to execute script tha...

Cyclos 4.14.7 - (groupId) DOM Based Cross-Site Scripting Vulnerability

Exploit Title: Cyclos 4.14.7 - 'groupId' DOM Based Cross-Site Scripting XSS Exploit Author: Tin Pham aka TF1T of VietSunshine Cyber Security Services Vendor Homepage: https://www.cyclos.org/ Version: Cyclos 4.14.7 and prior Tested on: Ubuntu CVE : CVE-2021-31673 Description: A Dom-based Cross-sit...

Cyclos 4.14.7 - DOM Based Cross-Site Scripting Vulnerability

Exploit Title: Cyclos 4.14.7 - DOM Based Cross-Site Scripting XSS Exploit Author: Tin Pham aka TF1T of VietSunshine Cyber Security Services Vendor Homepage: https://www.cyclos.org/ Version: Cyclos 4.14.7 and prior Tested on: Ubuntu CVE : CVE-2021-31674 Description: Cyclos 4 PRO 4.14.7 and before...

Cyclos 4.14.7 Cross Site Scripting

Exploit Title: Cyclos 4.14.7 - 'groupId' DOM Based Cross-Site Scripting XSS Date: 17/04/2021 Exploit Author: Tin Pham aka TF1T of VietSunshine Cyber Security Services Vendor Homepage: https://www.cyclos.org/ Version: Cyclos 4.14.7 and prior Tested on: Ubuntu CVE : CVE-2021-31673 Description: A...

Cyclos 4.14.7 - &#039;groupId&#039; DOM Based Cross-Site Scripting (XSS)

Exploit Title: Cyclos 4.14.7 - 'groupId' DOM Based Cross-Site Scripting XSS Date: 17/04/2021 Exploit Author: Tin Pham aka TF1T of VietSunshine Cyber Security Services Vendor Homepage: https://www.cyclos.org/ Version: Cyclos 4.14.7 and prior Tested on: Ubuntu CVE : CVE-2021-31673 Description: A...

NewStart CGSL CORE 5.05 / MAIN 5.05 : pki-core Multiple Vulnerabilities (NS-SA-2022-0029)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has pki-core packages installed that are affected by multiple vulnerabilities: - A Reflected Cross Site Scripting flaw was found in all pki-core 10.x.x versions module from the pki-core server due to the CA Agent Service not...

CVE-2022-28716

On 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x 11.6.x, a DOM-based cross-site scripting XSS vulnerability exists in an undisclosed page of the BIG-IP AFM, CGNAT, and PEM...