14 matches found
CVE-2023-31465
An issue was discovered in FSMLabs TimeKeeper 8.0.17 through 8.0.28. By intercepting requests from various timekeeper streams, it is possible to find the getsamplebacklog call. Some query parameters are passed directly in the URL and named argx, with x an integer starting from 1; it is possible t...
EUVD-2023-35772
Malicious code in bioql PyPI...
CVE-2023-31466
An XSS issue was discovered in FSMLabs TimeKeeper 8.0.17. On the "Configuration - Compliance - Add a new compliance report" and "Configuration - Timekeeper Configuration - Add a new source there" screens, there are entry points to inject JavaScript code...
CVE-2023-31465
An issue was discovered in FSMLabs TimeKeeper 8.0.17 through 8.0.28. By intercepting requests from various timekeeper streams, it is possible to find the getsamplebacklog call. Some query parameters are passed directly in the URL and named argx, with x an integer starting from 1; it is possible t...
CVE-2023-31465
An issue was discovered in FSMLabs TimeKeeper 8.0.17 through 8.0.28. By intercepting requests from various timekeeper streams, it is possible to find the getsamplebacklog call. Some query parameters are passed directly in the URL and named argx, with x an integer starting from 1; it is possible t...
CVE-2023-31466
An XSS issue was discovered in FSMLabs TimeKeeper 8.0.17. On the "Configuration - Compliance - Add a new compliance report" and "Configuration - Timekeeper Configuration - Add a new source there" screens, there are entry points to inject JavaScript code...
CVE-2023-31466
An XSS issue was discovered in FSMLabs TimeKeeper 8.0.17. On the "Configuration - Compliance - Add a new compliance report" and "Configuration - Timekeeper Configuration - Add a new source there" screens, there are entry points to inject JavaScript code...
PT-2023-6978 · Fsmlabs · Fsmlabs Timekeeper
Name of the Vulnerable Software and Affected Versions: FSMLabs TimeKeeper versions 8.0.17 through 8.0.28 Description: The issue is related to insufficient input validation in the FSMLabs TimeKeeper software. It allows an attacker to intercept requests from various timekeeper streams and find the...
CVE-2023-31465
An issue was discovered in FSMLabs TimeKeeper 8.0.17 through 8.0.28. By intercepting requests from various timekeeper streams, it is possible to find the getsamplebacklog call. Some query parameters are passed directly in the URL and named argx, with x an integer starting from 1; it is possible t...
CVE-2023-31466
CVE-2023-31466 – FSMLabs TimeKeeper 8.0.17 XSS Affected software: FSMLabs TimeKeeper v8.0.17. Vulnerability: Cross-site scripting (XSS) due to multiple JavaScript code injection entry points on the UI. Specifically, the following screens expose potential injection points: 1) Configuration → Compl...
CVE-2023-31465
An issue was discovered in FSMLabs TimeKeeper 8.0.17 through 8.0.28. By intercepting requests from various timekeeper streams, it is possible to find the getsamplebacklog call. Some query parameters are passed directly in the URL and named argx, with x an integer starting from 1; it is possible t...
PT-2023-23345 · Fsmlabs · Fsmlabs Timekeeper
Name of the Vulnerable Software and Affected Versions: FSMLabs TimeKeeper version 8.0.17 Description: A cross-site scripting XSS issue was found, allowing for the injection of JavaScript code on specific screens. The affected screens include "Configuration - Compliance - Add a new compliance...
FSMLabs TimeKeeper 跨站脚本漏洞
FSMLabs TimeKeeper is a platform from FSMLabs, Inc. that provides enterprise-class time allocation, clock synchronization and monitoring. A cross-site scripting vulnerability exists in FSMLabs TimeKeeper version 8.0.17, which stems from multiple JavaScript code injection points on the system...
CVE-2023-31465
FSMLabs TimeKeeper