EUVD-2024-1650

Malicious code in bioql PyPI...

Eclipse Ditto vulnerable to Cross-site Scripting

In Eclipse Ditto starting in version 3.0.0 and prior to versions 3.4.5 and 3.5.6, the user input of several input fields of the Eclipse Ditto Explorer User Interface https://eclipse.dev/ditto/user-interface.html was not properly neutralized and thus vulnerable to both Reflected and Stored XSS Cro...

GHSA-HJFC-6JXR-J2RX Eclipse Ditto vulnerable to Cross-site Scripting

In Eclipse Ditto starting in version 3.0.0 and prior to versions 3.4.5 and 3.5.6, the user input of several input fields of the Eclipse Ditto Explorer User Interface https://eclipse.dev/ditto/user-interface.html was not properly neutralized and thus vulnerable to both Reflected and Stored XSS Cro...

CVE-2024-5165

In Eclipse Ditto versions 3.0.0 to 3.5.5, the user input of several input fields of the Eclipse Ditto Explorer User Interface https://eclipse.dev/ditto/user-interface.html was not properly neutralized and thus vulnerable to both Reflected and Stored XSS Cross Site Scripting. Several inputs were n...

CVE-2024-5165

In Eclipse Ditto versions 3.0.0 to 3.5.5, the user input of several input fields of the Eclipse Ditto Explorer User Interface https://eclipse.dev/ditto/user-interface.html was not properly neutralized and thus vulnerable to both Reflected and Stored XSS Cross Site Scripting. Several inputs were n...

CVE-2024-5165

CVE-2024-5165 affects Eclipse Ditto 3.0.0–3.5.5. The Eclipse Ditto Explorer UI allowed user inputs to be improperly neutralized, enabling both Reflected and Stored XSS. Some inputs are only stored in local browser storage (UI settings/search queries), causing Reflected XSS; others are persisted i...

CVE-2024-5165 Eclipse Ditto User Interface vulnerable to XSS due to Improper Neutralization of Input

In Eclipse Ditto versions 3.0.0 to 3.5.5, the user input of several input fields of the Eclipse Ditto Explorer User Interface https://eclipse.dev/ditto/user-interface.html was not properly neutralized and thus vulnerable to both Reflected and Stored XSS Cross Site Scripting. Several inputs were n...

CVE-2024-5165 Eclipse Ditto User Interface vulnerable to XSS due to Improper Neutralization of Input

In Eclipse Ditto versions 3.0.0 to 3.5.5, the user input of several input fields of the Eclipse Ditto Explorer User Interface https://eclipse.dev/ditto/user-interface.html was not properly neutralized and thus vulnerable to both Reflected and Stored XSS Cross Site Scripting. Several inputs were n...

Eclipse Ditto 安全漏洞

Eclipse Ditto is an open source framework from the Eclipse Foundation for creating and managing digital twins in the Internet of Things. A security vulnerability exists in Eclipse Ditto versions 3.0.0 through 3.5.5, which stems from user input not being properly neutralized in multiple input fiel...

PT-2024-34794 · Eclipse · Eclipse Ditto

Name of the Vulnerable Software and Affected Versions: Eclipse Ditto versions 3.0.0 through 3.5.5 Description: The user input of several input fields of the Eclipse Ditto Explorer User Interface was not properly neutralized, making it vulnerable to both Reflected and Stored XSS Cross Site...