CVE-2024-22854

DOM-based HTML injection vulnerability in the main page of Darktrace Threat Visualizer version 6.1.27 bundle version 61050 and before has been identified. A URL, crafted by a remote attacker and visited by an authenticated user, allows open redirect and potential credential stealing using an...

PT-2024-19586 · Darktrace · Darktrace Threat Visualizer

Name of the Vulnerable Software and Affected Versions: Darktrace Threat Visualizer versions 6.1.27 and before Description: A DOM-based HTML injection vulnerability has been identified in the main page of Darktrace Threat Visualizer. This issue allows a remote attacker to craft a URL that, when...

PT-2024-13974 · Zimbra · Zimbra Collaboration

Name of the Vulnerable Software and Affected Versions: Zimbra Collaboration versions prior to Kepler 9.0.0 Patch 38 GA Description: The issue allows DOM-based JavaScript injection in the Modern UI. This could potentially lead to malicious script execution. No information is provided about the...

PT-2022-3505 · Elementor · Elementor Website Builder

Name of the Vulnerable Software and Affected Versions: Elementor Website Builder plugin versions prior to 3.5.6 Description: The issue is related to insufficient protection of the webpage structure, allowing a remote attacker to perform cross-site scripting. This is a DOM-based Reflected Cross-Si...