362 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-5664
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the...
Soco404: Multiplatform Cryptomining Campaign Uses Fake Error Pages to Hide Payload
Wiz Research has identified a new iteration of a broader malicious cryptomining campaign, which we’ve dubbed Soco404...
CVE-2023-27998
A lack of custom error pages vulnerability CWE-756 in FortiPresence versions 1.2.0 through 1.2.1 and all versions of 1.1 and 1.0 may allow an unauthenticated attacker with the ability to navigate to the login GUI to gain sensitive information via navigating to specific HTTPs paths...
CVE-2022-32269
In Real Player 20.0.8.310, the G2 Control allows injection of unsafe javascript: URIs in local HTTP error pages displayed by Internet Explorer core. This leads to arbitrary code execution...
CVE-2020-6254
SAP Enterprise Threat Detection, versions 1.0, 2.0, does not sufficiently encode error response pages in case of errors, allowing XSS payload reflecting in the response, leading to reflected Cross Site Scripting...
CVE-2020-6223
The open document of SAP Business Objects Business Intelligence Platform, versions 4.1, 4.2, allows an attacker to modify certain error pages to include malicious content. This can misdirect a user who is tricked into accessing these error pages rendered by the application, leading to Content...
CVE-2018-12297
Cross-site scripting in API error pages in Seagate NAS OS version 4.3.15.1 allows attackers to execute JavaScript via URL path names...
GHSA-RHXM-R44M-4325 Drupal Ignition Cross-Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Ignition Error Pages allows Cross-Site Scripting XSS. This issue affects Ignition Error Pages: from 0.0.0 before 1.0.4...
Drupal Ignition Cross-Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Ignition Error Pages allows Cross-Site Scripting XSS. This issue affects Ignition Error Pages: from 0.0.0 before 1.0.4...
CVE-2025-31679
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Ignition Error Pages allows Cross-Site Scripting XSS.This issue affects Ignition Error Pages: from 0.0.0 before 1.0.4...
CVE-2025-31679 Ignition Error Pages - Critical - Cross Site Scripting - SA-CONTRIB-2025-007
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Ignition Error Pages allows Cross-Site Scripting XSS.This issue affects Ignition Error Pages: from 0.0.0 before 1.0.4...
CVE-2025-31679 Ignition Error Pages - Critical - Cross Site Scripting - SA-CONTRIB-2025-007
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Ignition Error Pages allows Cross-Site Scripting XSS.This issue affects Ignition Error Pages: from 0.0.0 before 1.0.4...
CVE-2025-31679 Ignition Error Pages - Critical - Cross Site Scripting - SA-CONTRIB-2025-007
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Ignition Error Pages allows Cross-Site Scripting XSS.This issue affects Ignition Error Pages: from 0.0.0 before 1.0.4...
Drupal Ignition Error Pages 跨站脚本漏洞
Drupal Ignition Error Pages is a module of the Drupal community that provides custom error pages e.g. 404, 500, etc. to improve the user experience. A cross-site scripting vulnerability exists in Drupal Ignition Error Pages versions prior to 1.0.4, which stems from improper input neutralization a...
PT-2025-13843 · Drupal · Ignition Error Pages
Name of the Vulnerable Software and Affected Versions: Ignition Error Pages versions 0.0.0 through 1.0.3 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS, in Drupal Ignition Error Pages. This allows for...
Linux Distros Unpatched Vulnerability : CVE-2018-10547
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in ext/phar/pharobject.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. There is Reflected XSS ...
Octopus Server 安全漏洞
Octopus Server is a deployment automation and release management tool for continuous delivery from Octopus Australia. A security vulnerability exists in Octopus Server that stems from insecure handling of error messages on error pages...
XVIDEOS: Error Page Content Spoofing or Text Injection
The content spoofing vulnerability on multi.xnxx.com allowed arbitrary text to be injected into error pages. The injected content was reflected back to users under the trusted domain, which could have been exploited for social engineering attacks...
DRUPAL-CONTRIB-2025-007
This module enables you to render error pages using the Ignition package. The module disables certain Drupal core code and does not perform sufficient filtering, allowing HTML to be injected in certain situations leading to a Cross Site Scripting XSS vulnerability. This vulnerability is mitigated...
Ignition Error Pages - Critical - Cross Site Scripting - SA-CONTRIB-2025-007
This module enables you to render error pages using the Ignition package. The module disables certain Drupal core code and does not perform sufficient filtering, allowing HTML to be injected in certain situations leading to a Cross Site Scripting XSS vulnerability. This vulnerability is mitigated...