165 matches found
CVE-2023-51514
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Codeboxr Team CBX Bookmark & Favorite allows Stored XSS.This issue affects CBX Bookmark & Favorite: from n/a through 1.7.13...
CVE-2023-51514
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Codeboxr Team CBX Bookmark & Favorite allows Stored XSS.This issue affects CBX Bookmark & Favorite: from n/a through 1.7.13...
Cross site scripting
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Codeboxr Team CBX Bookmark & Favorite allows Stored XSS.This issue affects CBX Bookmark & Favorite: from n/a through 1.7.13...
CVE-2023-51514
CVE-2023-51514 is a Stored XSS in the CBX Bookmark & Favorite WordPress plugin (cbxwpbookmark) affecting versions up to 1.7.13. Root cause: Improper neutralization of input during web page generation. Impact: stored script execution on affected sites. Remediation: patch available (Patched) in lat...
CVE-2023-51514 WordPress CBX Bookmark & Favorite Plugin <= 1.7.13 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Codeboxr Team CBX Bookmark & Favorite allows Stored XSS.This issue affects CBX Bookmark & Favorite: from n/a through 1.7.13...
WordPress plugin CBX Bookmark & Favorite cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerability...
CBX Bookmark & Favorite < 1.7.14 - Authenticated (Contributor+) Stored Cross-Site Scripting
Description The CBX Bookmark & Favorite plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.7.13 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and abov...
WordPress CBX Bookmark & Favorite Plugin <= 1.7.13 is vulnerable to Cross Site Scripting (XSS)
Software CBX Bookmark & Favorite Type Plugin Vulnerable versions = 1.7.13 Fixed in 1.7.14 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-51514 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 8b970dcc1144 Credits Ngô Thiên An ancorn from...
Cross-site Request Forgery (CSRF)
org.jenkins-ci.plugins, favorite-view is vulnerable to Cross-Site Request Forgery. The vulnerability exists due to the lack of validation in the HTTP endpoint which allows an attackers to add or remove views from another user's favorite views tab bar...
GHSA-JRJ6-QX48-3CPQ Jenkins Favorite View Plugin cross-site request forgery vulnerability
Jenkins Favorite View Plugin 5.v77a37f62782d and earlier does not require POST requests for an HTTP endpoint, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to add or remove views from another user’s favorite views tab bar. As of publication of...
Jenkins Favorite View Plugin cross-site request forgery vulnerability
Jenkins Favorite View Plugin 5.v77a37f62782d and earlier does not require POST requests for an HTTP endpoint, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to add or remove views from another user’s favorite views tab bar. As of publication of...
CVE-2023-40351
A cross-site request forgery CSRF vulnerability in Jenkins Favorite View Plugin 5.v77a37f62782d and earlier allows attackers to add or remove views from another user's favorite views tab bar...
CVE-2023-40351
A cross-site request forgery CSRF vulnerability in Jenkins Favorite View Plugin 5.v77a37f62782d and earlier allows attackers to add or remove views from another user's favorite views tab bar...
CVE-2023-40351
A cross-site request forgery CSRF vulnerability in Jenkins Favorite View Plugin 5.v77a37f62782d and earlier allows attackers to add or remove views from another user's favorite views tab bar...
CVE-2023-40351
CVE-2023-40351 affects Jenkins Favorite View Plugin (version 5.v77a_37f62782d and earlier). The underlying issue is a cross-site request forgery (CSRF) vulnerability that enables an attacker to add or remove views from another user’s Favorite Views tab bar. Multiple connected sources (NVD/NESus a...
CVE-2023-40351
A cross-site request forgery CSRF vulnerability in Jenkins Favorite View Plugin 5.v77a37f62782d and earlier allows attackers to add or remove views from another user's favorite views tab bar...
Jenkins Plugin Favorite View 跨站请求伪造漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. Jenkins Plugin Favorite...
Top Security Talks from KubeCon Europe 2023
KubeCon Europe is the largest open-source community conference in Europe with hundreds of talks. We picked our favorite Kubernetes security sessions available online...
[Security Nation] Jen and Tod on Hacker Summer Camp 2022
!\Security Nation\ Jen and Tod on Hacker Summer Camp 2022https://blog.rapid7.com/content/images/2022/08/securitynationlogo-1.jpg In this episode of Security Nation, Tod and Jen chat about their experience at this year’s Hacker Summer Camp, the multi-event lineup of cybersecurity conferences in La...
Google Android 权限许可和访问控制问题漏洞
Google Android is a Linux-based open-source operating system from the U.S. company Google Google. Google Android has a security vulnerability that could be exploited by attackers to delete Fdn contacts...