Lucene search
K

165 matches found

OSV
OSV
added 2024/02/01 12:15 p.m.3 views

CVE-2023-51514

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Codeboxr Team CBX Bookmark & Favorite allows Stored XSS.This issue affects CBX Bookmark & Favorite: from n/a through 1.7.13...

5.4CVSS5.8AI score0.00349EPSS
Exploits0References1
NVD
NVD
added 2024/02/01 12:15 p.m.23 views

CVE-2023-51514

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Codeboxr Team CBX Bookmark & Favorite allows Stored XSS.This issue affects CBX Bookmark & Favorite: from n/a through 1.7.13...

6.5CVSS6.4AI score0.00349EPSS
Exploits0References1
Prion
Prion
added 2024/02/01 12:15 p.m.12 views

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Codeboxr Team CBX Bookmark & Favorite allows Stored XSS.This issue affects CBX Bookmark & Favorite: from n/a through 1.7.13...

4.9CVSS6.9AI score0.00349EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/02/01 11:17 a.m.48 views

CVE-2023-51514

CVE-2023-51514 is a Stored XSS in the CBX Bookmark & Favorite WordPress plugin (cbxwpbookmark) affecting versions up to 1.7.13. Root cause: Improper neutralization of input during web page generation. Impact: stored script execution on affected sites. Remediation: patch available (Patched) in lat...

6.5CVSS6.7AI score0.00349EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/02/01 11:17 a.m.17 views

CVE-2023-51514 WordPress CBX Bookmark & Favorite Plugin <= 1.7.13 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Codeboxr Team CBX Bookmark & Favorite allows Stored XSS.This issue affects CBX Bookmark & Favorite: from n/a through 1.7.13...

6.5CVSS6.7AI score0.00349EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/02/01 12:0 a.m.4 views

WordPress plugin CBX Bookmark & Favorite cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerability...

6.5CVSS6.1AI score0.00349EPSS
Exploits0References2
WPVulnDB
WPVulnDB
added 2024/01/05 12:0 a.m.12 views

CBX Bookmark & Favorite < 1.7.14 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The CBX Bookmark & Favorite plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.7.13 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and abov...

6.5CVSS5.9AI score0.00349EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/12/27 12:0 a.m.8 views

WordPress CBX Bookmark & Favorite Plugin <= 1.7.13 is vulnerable to Cross Site Scripting (XSS)

Software CBX Bookmark & Favorite Type Plugin Vulnerable versions = 1.7.13 Fixed in 1.7.14 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-51514 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 8b970dcc1144 Credits Ngô Thiên An ancorn from...

6.5CVSS6.5AI score0.00349EPSS
Exploits0References2Affected Software1
Veracode
Veracode
added 2023/08/18 12:37 p.m.23 views

Cross-site Request Forgery (CSRF)

org.jenkins-ci.plugins, favorite-view is vulnerable to Cross-Site Request Forgery. The vulnerability exists due to the lack of validation in the HTTP endpoint which allows an attackers to add or remove views from another user's favorite views tab bar...

4.3CVSS6.7AI score0.00276EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2023/08/16 3:30 p.m.20 views

GHSA-JRJ6-QX48-3CPQ Jenkins Favorite View Plugin cross-site request forgery vulnerability

Jenkins Favorite View Plugin 5.v77a37f62782d and earlier does not require POST requests for an HTTP endpoint, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to add or remove views from another user’s favorite views tab bar. As of publication of...

4.3CVSS4.8AI score0.00276EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2023/08/16 3:30 p.m.28 views

Jenkins Favorite View Plugin cross-site request forgery vulnerability

Jenkins Favorite View Plugin 5.v77a37f62782d and earlier does not require POST requests for an HTTP endpoint, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to add or remove views from another user’s favorite views tab bar. As of publication of...

4.3CVSS6.6AI score0.00276EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2023/08/16 3:15 p.m.2 views

CVE-2023-40351

A cross-site request forgery CSRF vulnerability in Jenkins Favorite View Plugin 5.v77a37f62782d and earlier allows attackers to add or remove views from another user's favorite views tab bar...

4.3CVSS5.7AI score0.00276EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/08/16 2:32 p.m.36 views

CVE-2023-40351

A cross-site request forgery CSRF vulnerability in Jenkins Favorite View Plugin 5.v77a37f62782d and earlier allows attackers to add or remove views from another user's favorite views tab bar...

5.3AI score0.00276EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/08/16 2:32 p.m.15 views

CVE-2023-40351

A cross-site request forgery CSRF vulnerability in Jenkins Favorite View Plugin 5.v77a37f62782d and earlier allows attackers to add or remove views from another user's favorite views tab bar...

7AI score0.00276EPSS
Exploits0References2
CVE
CVE
added 2023/08/16 2:32 p.m.253 views

CVE-2023-40351

CVE-2023-40351 affects Jenkins Favorite View Plugin (version 5.v77a_37f62782d and earlier). The underlying issue is a cross-site request forgery (CSRF) vulnerability that enables an attacker to add or remove views from another user’s Favorite Views tab bar. Multiple connected sources (NVD/NESus a...

4.3CVSS4.5AI score0.00276EPSS
Exploits0References2Affected Software1
AlpineLinux
AlpineLinux
added 2023/08/16 2:32 p.m.18 views

CVE-2023-40351

A cross-site request forgery CSRF vulnerability in Jenkins Favorite View Plugin 5.v77a37f62782d and earlier allows attackers to add or remove views from another user's favorite views tab bar...

4.3CVSS6.9AI score0.00276EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/08/16 12:0 a.m.5 views

Jenkins Plugin Favorite View 跨站请求伪造漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. Jenkins Plugin Favorite...

4.3CVSS5AI score0.00276EPSS
Exploits0References5
Wiz blog
Wiz blog
added 2023/05/11 2:32 p.m.9 views

Top Security Talks from KubeCon Europe 2023

KubeCon Europe is the largest open-source community conference in Europe with hundreds of talks. We picked our favorite Kubernetes security sessions available online...

6.9AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2022/08/18 1:3 a.m.21 views

[Security Nation] Jen and Tod on Hacker Summer Camp 2022

!\Security Nation\ Jen and Tod on Hacker Summer Camp 2022https://blog.rapid7.com/content/images/2022/08/securitynationlogo-1.jpg In this episode of Security Nation, Tod and Jen chat about their experience at this year’s Hacker Summer Camp, the multi-event lineup of cybersecurity conferences in La...

Exploits0
CNNVD
CNNVD
added 2022/07/06 12:0 a.m.5 views

Google Android 权限许可和访问控制问题漏洞

Google Android is a Linux-based open-source operating system from the U.S. company Google Google. Google Android has a security vulnerability that could be exploited by attackers to delete Fdn contacts...

6.5CVSS5.7AI score0.00272EPSS
Exploits0References6
Rows per page
Query Builder