Craft CMS Vulnerable to Stored XSS in Settings Names and Field Options

Overview of all XSS Reports Multiple stored XSS vulnerabilities were found in Craft CMS. They were split into 4 reports as follows: | Report | What's Vulnerable | Why Separate | |--------|-------------------|--------------| | This Report 1 | Multiple settings names | Twig Template:...

GHSA-4MGV-366X-QXVX Craft CMS Vulnerable to Stored XSS in Settings Names and Field Options

Overview of all XSS Reports Multiple stored XSS vulnerabilities were found in Craft CMS. They were split into 4 reports as follows: | Report | What's Vulnerable | Why Separate | |--------|-------------------|--------------| | This Report 1 | Multiple settings names | Twig Template:...

EUVD-2020-23782

Malware in sbrugna...

CVE-2020-36237

Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to view custom field options via an Information Disclosure vulnerability in the /rest/api/2/customFieldOption/ endpoint. The affected versions are before version 8.15.0...

Information disclosure

Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to view custom field options via an Information Disclosure vulnerability in the /rest/api/2/customFieldOption/ endpoint. The affected versions are before version 8.15.0...

CVE-2020-36237

Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to view custom field options via an Information Disclosure vulnerability in the /rest/api/2/customFieldOption/ endpoint. The affected versions are before version 8.15.0...

Custom field options are exposed via an unauthenticated REST API endpoint - CVE-2020-36237

Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to view custom field options via an Information Disclosure vulnerability in the /rest/api/2/customFieldOption/ endpoint. The affected versions are before version 8.15.0. Affected versions: version...